This page documents the language specification for the aws package. If you're looking for help working with the inputs, outputs, or functions of aws resources in a Pulumi program, please see the resource documentation for examples and API reference.

applicationloadbalancing

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-aws repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-aws repo.

class pulumi_aws.applicationloadbalancing.AwaitableGetListenerResult(arn=None, certificate_arn=None, default_actions=None, id=None, load_balancer_arn=None, port=None, protocol=None, ssl_policy=None)
class pulumi_aws.applicationloadbalancing.AwaitableGetLoadBalancerResult(access_logs=None, arn=None, arn_suffix=None, dns_name=None, drop_invalid_header_fields=None, enable_deletion_protection=None, id=None, idle_timeout=None, internal=None, ip_address_type=None, load_balancer_type=None, name=None, security_groups=None, subnet_mappings=None, subnets=None, tags=None, vpc_id=None, zone_id=None)
class pulumi_aws.applicationloadbalancing.AwaitableGetTargetGroupResult(arn=None, arn_suffix=None, deregistration_delay=None, health_check=None, id=None, lambda_multi_value_headers_enabled=None, load_balancing_algorithm_type=None, name=None, port=None, protocol=None, proxy_protocol_v2=None, slow_start=None, stickiness=None, tags=None, target_type=None, vpc_id=None)
class pulumi_aws.applicationloadbalancing.GetListenerResult(arn=None, certificate_arn=None, default_actions=None, id=None, load_balancer_arn=None, port=None, protocol=None, ssl_policy=None)

A collection of values returned by getListener.

id = None

The provider-assigned unique ID for this managed resource.

class pulumi_aws.applicationloadbalancing.GetLoadBalancerResult(access_logs=None, arn=None, arn_suffix=None, dns_name=None, drop_invalid_header_fields=None, enable_deletion_protection=None, id=None, idle_timeout=None, internal=None, ip_address_type=None, load_balancer_type=None, name=None, security_groups=None, subnet_mappings=None, subnets=None, tags=None, vpc_id=None, zone_id=None)

A collection of values returned by getLoadBalancer.

id = None

The provider-assigned unique ID for this managed resource.

class pulumi_aws.applicationloadbalancing.GetTargetGroupResult(arn=None, arn_suffix=None, deregistration_delay=None, health_check=None, id=None, lambda_multi_value_headers_enabled=None, load_balancing_algorithm_type=None, name=None, port=None, protocol=None, proxy_protocol_v2=None, slow_start=None, stickiness=None, tags=None, target_type=None, vpc_id=None)

A collection of values returned by getTargetGroup.

id = None

The provider-assigned unique ID for this managed resource.

class pulumi_aws.applicationloadbalancing.Listener(resource_name, opts=None, certificate_arn=None, default_actions=None, load_balancer_arn=None, port=None, protocol=None, ssl_policy=None, __props__=None, __name__=None, __opts__=None)

Provides a Load Balancer Listener resource.

Note: alb.Listener is known as lb.Listener. The functionality is identical.

import pulumi
import pulumi_aws as aws

front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
front_end_target_group = aws.lb.TargetGroup("frontEndTargetGroup")
front_end_listener = aws.lb.Listener("frontEndListener",
    certificate_arn="arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
    default_actions=[{
        "target_group_arn": front_end_target_group.arn,
        "type": "forward",
    }],
    load_balancer_arn=front_end_load_balancer.arn,
    port="443",
    protocol="HTTPS",
    ssl_policy="ELBSecurityPolicy-2016-08")
import pulumi
import pulumi_aws as aws

front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
front_end_listener = aws.lb.Listener("frontEndListener",
    default_actions=[{
        "redirect": {
            "port": "443",
            "protocol": "HTTPS",
            "status_code": "HTTP_301",
        },
        "type": "redirect",
    }],
    load_balancer_arn=front_end_load_balancer.arn,
    port="80",
    protocol="HTTP")
import pulumi
import pulumi_aws as aws

front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
front_end_listener = aws.lb.Listener("frontEndListener",
    default_actions=[{
        "fixedResponse": {
            "content_type": "text/plain",
            "messageBody": "Fixed response content",
            "status_code": "200",
        },
        "type": "fixed-response",
    }],
    load_balancer_arn=front_end_load_balancer.arn,
    port="80",
    protocol="HTTP")
import pulumi
import pulumi_aws as aws

front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
front_end_target_group = aws.lb.TargetGroup("frontEndTargetGroup")
pool = aws.cognito.UserPool("pool")
client = aws.cognito.UserPoolClient("client")
domain = aws.cognito.UserPoolDomain("domain")
front_end_listener = aws.lb.Listener("frontEndListener",
    default_actions=[
        {
            "authenticateCognito": {
                "userPoolArn": pool.arn,
                "userPoolClientId": client.id,
                "userPoolDomain": domain.domain,
            },
            "type": "authenticate-cognito",
        },
        {
            "target_group_arn": front_end_target_group.arn,
            "type": "forward",
        },
    ],
    load_balancer_arn=front_end_load_balancer.arn,
    port="80",
    protocol="HTTP")
import pulumi
import pulumi_aws as aws

front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
front_end_target_group = aws.lb.TargetGroup("frontEndTargetGroup")
front_end_listener = aws.lb.Listener("frontEndListener",
    default_actions=[
        {
            "authenticateOidc": {
                "authorizationEndpoint": "https://example.com/authorization_endpoint",
                "client_id": "client_id",
                "client_secret": "client_secret",
                "issuer": "https://example.com",
                "tokenEndpoint": "https://example.com/token_endpoint",
                "userInfoEndpoint": "https://example.com/user_info_endpoint",
            },
            "type": "authenticate-oidc",
        },
        {
            "target_group_arn": front_end_target_group.arn,
            "type": "forward",
        },
    ],
    load_balancer_arn=front_end_load_balancer.arn,
    port="80",
    protocol="HTTP")
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • certificate_arn (pulumi.Input[str]) – The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the lb.ListenerCertificate resource.

  • default_actions (pulumi.Input[list]) – An Action block. Action blocks are documented below.

  • load_balancer_arn (pulumi.Input[str]) – The ARN of the load balancer.

  • port (pulumi.Input[float]) – The port on which the load balancer is listening.

  • protocol (pulumi.Input[str]) – The protocol for connections from clients to the load balancer. Valid values are TCP, TLS, UDP, TCP_UDP, HTTP and HTTPS. Defaults to HTTP.

  • ssl_policy (pulumi.Input[str]) – The name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

The default_actions object supports the following:

  • authenticateCognito (pulumi.Input[dict])

    • authenticationRequestExtraParams (pulumi.Input[dict]) - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    • onUnauthenticatedRequest (pulumi.Input[str]) - The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    • scope (pulumi.Input[str]) - The set of user claims to be requested from the IdP.

    • sessionCookieName (pulumi.Input[str]) - The name of the cookie used to maintain session information.

    • sessionTimeout (pulumi.Input[float]) - The maximum duration of the authentication session, in seconds.

    • userPoolArn (pulumi.Input[str]) - The ARN of the Cognito user pool.

    • userPoolClientId (pulumi.Input[str]) - The ID of the Cognito user pool client.

    • userPoolDomain (pulumi.Input[str]) - The domain prefix or fully-qualified domain name of the Cognito user pool.

  • authenticateOidc (pulumi.Input[dict])

    • authenticationRequestExtraParams (pulumi.Input[dict]) - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    • authorizationEndpoint (pulumi.Input[str]) - The authorization endpoint of the IdP.

    • client_id (pulumi.Input[str]) - The OAuth 2.0 client identifier.

    • client_secret (pulumi.Input[str]) - The OAuth 2.0 client secret.

    • issuer (pulumi.Input[str]) - The OIDC issuer identifier of the IdP.

    • onUnauthenticatedRequest (pulumi.Input[str]) - The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    • scope (pulumi.Input[str]) - The set of user claims to be requested from the IdP.

    • sessionCookieName (pulumi.Input[str]) - The name of the cookie used to maintain session information.

    • sessionTimeout (pulumi.Input[float]) - The maximum duration of the authentication session, in seconds.

    • tokenEndpoint (pulumi.Input[str]) - The token endpoint of the IdP.

    • userInfoEndpoint (pulumi.Input[str]) - The user info endpoint of the IdP.

  • fixedResponse (pulumi.Input[dict]) - Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

    • content_type (pulumi.Input[str]) - The content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

    • messageBody (pulumi.Input[str]) - The message body.

    • status_code (pulumi.Input[str]) - The HTTP response code. Valid values are 2XX, 4XX, or 5XX.

  • forward (pulumi.Input[dict]) - Information for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn.

    • stickiness (pulumi.Input[dict]) - The target group stickiness for the rule.

      • duration (pulumi.Input[float]) - The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

      • enabled (pulumi.Input[bool]) - Indicates whether target group stickiness is enabled.

    • targetGroups (pulumi.Input[list]) - One or more target groups block.

      • arn (pulumi.Input[str]) - The Amazon Resource Name (ARN) of the target group.

      • weight (pulumi.Input[float]) - The weight. The range is 0 to 999.

  • order (pulumi.Input[float])

  • redirect (pulumi.Input[dict]) - Information for creating a redirect action. Required if type is redirect.

    • host (pulumi.Input[str]) - The hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

    • path (pulumi.Input[str]) - The absolute path, starting with the leading “/”. This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

    • port (pulumi.Input[str]) - The port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

    • protocol (pulumi.Input[str]) - The protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

    • query (pulumi.Input[str]) - The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading “?”. Defaults to #{query}.

    • status_code (pulumi.Input[str]) - The HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

  • target_group_arn (pulumi.Input[str]) - The ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

  • type (pulumi.Input[str]) - The type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

arn: pulumi.Output[str] = None

The Amazon Resource Name (ARN) of the target group.

certificate_arn: pulumi.Output[str] = None

The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the lb.ListenerCertificate resource.

default_actions: pulumi.Output[list] = None

An Action block. Action blocks are documented below.

  • authenticateCognito (dict)

    • authenticationRequestExtraParams (dict) - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    • onUnauthenticatedRequest (str) - The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    • scope (str) - The set of user claims to be requested from the IdP.

    • sessionCookieName (str) - The name of the cookie used to maintain session information.

    • sessionTimeout (float) - The maximum duration of the authentication session, in seconds.

    • userPoolArn (str) - The ARN of the Cognito user pool.

    • userPoolClientId (str) - The ID of the Cognito user pool client.

    • userPoolDomain (str) - The domain prefix or fully-qualified domain name of the Cognito user pool.

  • authenticateOidc (dict)

    • authenticationRequestExtraParams (dict) - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    • authorizationEndpoint (str) - The authorization endpoint of the IdP.

    • client_id (str) - The OAuth 2.0 client identifier.

    • client_secret (str) - The OAuth 2.0 client secret.

    • issuer (str) - The OIDC issuer identifier of the IdP.

    • onUnauthenticatedRequest (str) - The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    • scope (str) - The set of user claims to be requested from the IdP.

    • sessionCookieName (str) - The name of the cookie used to maintain session information.

    • sessionTimeout (float) - The maximum duration of the authentication session, in seconds.

    • tokenEndpoint (str) - The token endpoint of the IdP.

    • userInfoEndpoint (str) - The user info endpoint of the IdP.

  • fixedResponse (dict) - Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

    • content_type (str) - The content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

    • messageBody (str) - The message body.

    • status_code (str) - The HTTP response code. Valid values are 2XX, 4XX, or 5XX.

  • forward (dict) - Information for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn.

    • stickiness (dict) - The target group stickiness for the rule.

      • duration (float) - The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

      • enabled (bool) - Indicates whether target group stickiness is enabled.

    • targetGroups (list) - One or more target groups block.

      • arn (str) - The Amazon Resource Name (ARN) of the target group.

      • weight (float) - The weight. The range is 0 to 999.

  • order (float)

  • redirect (dict) - Information for creating a redirect action. Required if type is redirect.

    • host (str) - The hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

    • path (str) - The absolute path, starting with the leading “/”. This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

    • port (str) - The port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

    • protocol (str) - The protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

    • query (str) - The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading “?”. Defaults to #{query}.

    • status_code (str) - The HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

  • target_group_arn (str) - The ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

  • type (str) - The type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

load_balancer_arn: pulumi.Output[str] = None

The ARN of the load balancer.

port: pulumi.Output[float] = None

The port on which the load balancer is listening.

protocol: pulumi.Output[str] = None

The protocol for connections from clients to the load balancer. Valid values are TCP, TLS, UDP, TCP_UDP, HTTP and HTTPS. Defaults to HTTP.

ssl_policy: pulumi.Output[str] = None

The name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

static get(resource_name, id, opts=None, arn=None, certificate_arn=None, default_actions=None, load_balancer_arn=None, port=None, protocol=None, ssl_policy=None)

Get an existing Listener resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • arn (pulumi.Input[str]) – The Amazon Resource Name (ARN) of the target group.

  • certificate_arn (pulumi.Input[str]) – The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the lb.ListenerCertificate resource.

  • default_actions (pulumi.Input[list]) – An Action block. Action blocks are documented below.

  • load_balancer_arn (pulumi.Input[str]) – The ARN of the load balancer.

  • port (pulumi.Input[float]) – The port on which the load balancer is listening.

  • protocol (pulumi.Input[str]) – The protocol for connections from clients to the load balancer. Valid values are TCP, TLS, UDP, TCP_UDP, HTTP and HTTPS. Defaults to HTTP.

  • ssl_policy (pulumi.Input[str]) – The name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

The default_actions object supports the following:

  • authenticateCognito (pulumi.Input[dict])

    • authenticationRequestExtraParams (pulumi.Input[dict]) - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    • onUnauthenticatedRequest (pulumi.Input[str]) - The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    • scope (pulumi.Input[str]) - The set of user claims to be requested from the IdP.

    • sessionCookieName (pulumi.Input[str]) - The name of the cookie used to maintain session information.

    • sessionTimeout (pulumi.Input[float]) - The maximum duration of the authentication session, in seconds.

    • userPoolArn (pulumi.Input[str]) - The ARN of the Cognito user pool.

    • userPoolClientId (pulumi.Input[str]) - The ID of the Cognito user pool client.

    • userPoolDomain (pulumi.Input[str]) - The domain prefix or fully-qualified domain name of the Cognito user pool.

  • authenticateOidc (pulumi.Input[dict])

    • authenticationRequestExtraParams (pulumi.Input[dict]) - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    • authorizationEndpoint (pulumi.Input[str]) - The authorization endpoint of the IdP.

    • client_id (pulumi.Input[str]) - The OAuth 2.0 client identifier.

    • client_secret (pulumi.Input[str]) - The OAuth 2.0 client secret.

    • issuer (pulumi.Input[str]) - The OIDC issuer identifier of the IdP.

    • onUnauthenticatedRequest (pulumi.Input[str]) - The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    • scope (pulumi.Input[str]) - The set of user claims to be requested from the IdP.

    • sessionCookieName (pulumi.Input[str]) - The name of the cookie used to maintain session information.

    • sessionTimeout (pulumi.Input[float]) - The maximum duration of the authentication session, in seconds.

    • tokenEndpoint (pulumi.Input[str]) - The token endpoint of the IdP.

    • userInfoEndpoint (pulumi.Input[str]) - The user info endpoint of the IdP.

  • fixedResponse (pulumi.Input[dict]) - Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

    • content_type (pulumi.Input[str]) - The content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

    • messageBody (pulumi.Input[str]) - The message body.

    • status_code (pulumi.Input[str]) - The HTTP response code. Valid values are 2XX, 4XX, or 5XX.

  • forward (pulumi.Input[dict]) - Information for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn.

    • stickiness (pulumi.Input[dict]) - The target group stickiness for the rule.

      • duration (pulumi.Input[float]) - The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

      • enabled (pulumi.Input[bool]) - Indicates whether target group stickiness is enabled.

    • targetGroups (pulumi.Input[list]) - One or more target groups block.

      • arn (pulumi.Input[str]) - The Amazon Resource Name (ARN) of the target group.

      • weight (pulumi.Input[float]) - The weight. The range is 0 to 999.

  • order (pulumi.Input[float])

  • redirect (pulumi.Input[dict]) - Information for creating a redirect action. Required if type is redirect.

    • host (pulumi.Input[str]) - The hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

    • path (pulumi.Input[str]) - The absolute path, starting with the leading “/”. This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

    • port (pulumi.Input[str]) - The port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

    • protocol (pulumi.Input[str]) - The protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

    • query (pulumi.Input[str]) - The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading “?”. Defaults to #{query}.

    • status_code (pulumi.Input[str]) - The HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

  • target_group_arn (pulumi.Input[str]) - The ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

  • type (pulumi.Input[str]) - The type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_aws.applicationloadbalancing.ListenerCertificate(resource_name, opts=None, certificate_arn=None, listener_arn=None, __props__=None, __name__=None, __opts__=None)

Provides a Load Balancer Listener Certificate resource.

This resource is for additional certificates and does not replace the default certificate on the listener.

Note: alb.ListenerCertificate is known as lb.ListenerCertificate. The functionality is identical.

import pulumi
import pulumi_aws as aws

example_certificate = aws.acm.Certificate("exampleCertificate")
front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
front_end_listener = aws.lb.Listener("frontEndListener")
example_listener_certificate = aws.lb.ListenerCertificate("exampleListenerCertificate",
    certificate_arn=example_certificate.arn,
    listener_arn=front_end_listener.arn)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • certificate_arn (pulumi.Input[str]) – The ARN of the certificate to attach to the listener.

  • listener_arn (pulumi.Input[str]) – The ARN of the listener to which to attach the certificate.

certificate_arn: pulumi.Output[str] = None

The ARN of the certificate to attach to the listener.

listener_arn: pulumi.Output[str] = None

The ARN of the listener to which to attach the certificate.

static get(resource_name, id, opts=None, certificate_arn=None, listener_arn=None)

Get an existing ListenerCertificate resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • certificate_arn (pulumi.Input[str]) – The ARN of the certificate to attach to the listener.

  • listener_arn (pulumi.Input[str]) – The ARN of the listener to which to attach the certificate.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_aws.applicationloadbalancing.ListenerRule(resource_name, opts=None, actions=None, conditions=None, listener_arn=None, priority=None, __props__=None, __name__=None, __opts__=None)

Provides a Load Balancer Listener Rule resource.

Note: alb.ListenerRule is known as lb.ListenerRule. The functionality is identical.

import pulumi
import pulumi_aws as aws

front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
front_end_listener = aws.lb.Listener("frontEndListener")
static = aws.lb.ListenerRule("static",
    actions=[{
        "target_group_arn": aws_lb_target_group["static"]["arn"],
        "type": "forward",
    }],
    conditions=[
        {
            "pathPattern": {
                "values": ["/static/*"],
            },
        },
        {
            "hostHeader": {
                "values": ["example.com"],
            },
        },
    ],
    listener_arn=front_end_listener.arn,
    priority=100)
host_based_routing = aws.lb.ListenerRule("hostBasedRouting",
    actions=[{
        "forward": {
            "stickiness": {
                "duration": 600,
                "enabled": True,
            },
            "targetGroup": [
                {
                    "arn": aws_lb_target_group["main"]["arn"],
                    "weight": 80,
                },
                {
                    "arn": aws_lb_target_group["canary"]["arn"],
                    "weight": 20,
                },
            ],
        },
        "type": "forward",
    }],
    conditions=[{
        "hostHeader": {
            "values": ["my-service.*.mycompany.io"],
        },
    }],
    listener_arn=front_end_listener.arn,
    priority=99)
host_based_weighted_routing = aws.lb.ListenerRule("hostBasedWeightedRouting",
    actions=[{
        "target_group_arn": aws_lb_target_group["static"]["arn"],
        "type": "forward",
    }],
    conditions=[{
        "hostHeader": {
            "values": ["my-service.*.mydomain.io"],
        },
    }],
    listener_arn=front_end_listener.arn,
    priority=99)
redirect_http_to_https = aws.lb.ListenerRule("redirectHttpToHttps",
    actions=[{
        "redirect": {
            "port": "443",
            "protocol": "HTTPS",
            "status_code": "HTTP_301",
        },
        "type": "redirect",
    }],
    conditions=[{
        "httpHeader": {
            "httpHeaderName": "X-Forwarded-For",
            "values": ["192.168.1.*"],
        },
    }],
    listener_arn=front_end_listener.arn)
health_check = aws.lb.ListenerRule("healthCheck",
    actions=[{
        "fixedResponse": {
            "content_type": "text/plain",
            "messageBody": "HEALTHY",
            "status_code": "200",
        },
        "type": "fixed-response",
    }],
    conditions=[{
        "queryString": [
            {
                "key": "health",
                "value": "check",
            },
            {
                "value": "bar",
            },
        ],
    }],
    listener_arn=front_end_listener.arn)
pool = aws.cognito.UserPool("pool")
client = aws.cognito.UserPoolClient("client")
domain = aws.cognito.UserPoolDomain("domain")
admin = aws.lb.ListenerRule("admin",
    actions=[
        {
            "authenticateOidc": {
                "authorizationEndpoint": "https://example.com/authorization_endpoint",
                "client_id": "client_id",
                "client_secret": "client_secret",
                "issuer": "https://example.com",
                "tokenEndpoint": "https://example.com/token_endpoint",
                "userInfoEndpoint": "https://example.com/user_info_endpoint",
            },
            "type": "authenticate-oidc",
        },
        {
            "target_group_arn": aws_lb_target_group["static"]["arn"],
            "type": "forward",
        },
    ],
    listener_arn=front_end_listener.arn)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • actions (pulumi.Input[list]) – An Action block. Action blocks are documented below.

  • conditions (pulumi.Input[list]) – A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

  • listener_arn (pulumi.Input[str]) – The ARN of the listener to which to attach the rule.

  • priority (pulumi.Input[float]) – The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can’t have multiple rules with the same priority.

The actions object supports the following:

  • authenticateCognito (pulumi.Input[dict]) - Information for creating an authenticate action using Cognito. Required if type is authenticate-cognito.

    • authenticationRequestExtraParams (pulumi.Input[dict]) - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    • onUnauthenticatedRequest (pulumi.Input[str]) - The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    • scope (pulumi.Input[str]) - The set of user claims to be requested from the IdP.

    • sessionCookieName (pulumi.Input[str]) - The name of the cookie used to maintain session information.

    • sessionTimeout (pulumi.Input[float]) - The maximum duration of the authentication session, in seconds.

    • userPoolArn (pulumi.Input[str]) - The ARN of the Cognito user pool.

    • userPoolClientId (pulumi.Input[str]) - The ID of the Cognito user pool client.

    • userPoolDomain (pulumi.Input[str]) - The domain prefix or fully-qualified domain name of the Cognito user pool.

  • authenticateOidc (pulumi.Input[dict]) - Information for creating an authenticate action using OIDC. Required if type is authenticate-oidc.

    • authenticationRequestExtraParams (pulumi.Input[dict]) - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    • authorizationEndpoint (pulumi.Input[str]) - The authorization endpoint of the IdP.

    • client_id (pulumi.Input[str]) - The OAuth 2.0 client identifier.

    • client_secret (pulumi.Input[str]) - The OAuth 2.0 client secret.

    • issuer (pulumi.Input[str]) - The OIDC issuer identifier of the IdP.

    • onUnauthenticatedRequest (pulumi.Input[str]) - The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    • scope (pulumi.Input[str]) - The set of user claims to be requested from the IdP.

    • sessionCookieName (pulumi.Input[str]) - The name of the cookie used to maintain session information.

    • sessionTimeout (pulumi.Input[float]) - The maximum duration of the authentication session, in seconds.

    • tokenEndpoint (pulumi.Input[str]) - The token endpoint of the IdP.

    • userInfoEndpoint (pulumi.Input[str]) - The user info endpoint of the IdP.

  • fixedResponse (pulumi.Input[dict]) - Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

    • content_type (pulumi.Input[str]) - The content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

    • messageBody (pulumi.Input[str]) - The message body.

    • status_code (pulumi.Input[str]) - The HTTP response code. Valid values are 2XX, 4XX, or 5XX.

  • forward (pulumi.Input[dict]) - Information for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn.

    • stickiness (pulumi.Input[dict]) - The target group stickiness for the rule.

      • duration (pulumi.Input[float]) - The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

      • enabled (pulumi.Input[bool]) - Indicates whether target group stickiness is enabled.

    • targetGroups (pulumi.Input[list]) - One or more target groups block.

      • arn (pulumi.Input[str]) - The Amazon Resource Name (ARN) of the target group.

      • weight (pulumi.Input[float]) - The weight. The range is 0 to 999.

  • order (pulumi.Input[float])

  • redirect (pulumi.Input[dict]) - Information for creating a redirect action. Required if type is redirect.

    • host (pulumi.Input[str]) - The hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

    • path (pulumi.Input[str]) - The absolute path, starting with the leading “/”. This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

    • port (pulumi.Input[str]) - The port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

    • protocol (pulumi.Input[str]) - The protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

    • query (pulumi.Input[str]) - The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading “?”. Defaults to #{query}.

    • status_code (pulumi.Input[str]) - The HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

  • target_group_arn (pulumi.Input[str]) - The ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

  • type (pulumi.Input[str]) - The type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

The conditions object supports the following:

  • field (pulumi.Input[str]) - The type of condition. Valid values are host-header or path-pattern. Must also set values.

  • hostHeader (pulumi.Input[dict]) - Contains a single values item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.

    • values (pulumi.Input[list]) - List of exactly one pattern to match. Required when field is set.

  • httpHeader (pulumi.Input[dict]) - HTTP headers to match. HTTP Header block fields documented below.

    • httpHeaderName (pulumi.Input[str]) - Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a host-header condition instead.

    • values (pulumi.Input[list]) - List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

  • httpRequestMethod (pulumi.Input[dict]) - Contains a single values item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.

    • values (pulumi.Input[list]) - List of exactly one pattern to match. Required when field is set.

  • pathPattern (pulumi.Input[dict]) - Contains a single values item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a query_string condition.

    • values (pulumi.Input[list]) - List of exactly one pattern to match. Required when field is set.

  • queryStrings (pulumi.Input[list]) - Query strings to match. Query String block fields documented below.

    • key (pulumi.Input[str]) - Query string key pattern to match.

    • value (pulumi.Input[str]) - Query string value pattern to match.

  • sourceIp (pulumi.Input[dict]) - Contains a single values item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the X-Forwarded-For header, use http_header condition instead.

    • values (pulumi.Input[list]) - List of exactly one pattern to match. Required when field is set.

  • values (pulumi.Input[str]) - List of exactly one pattern to match. Required when field is set.

actions: pulumi.Output[list] = None

An Action block. Action blocks are documented below.

  • authenticateCognito (dict) - Information for creating an authenticate action using Cognito. Required if type is authenticate-cognito.

    • authenticationRequestExtraParams (dict) - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    • onUnauthenticatedRequest (str) - The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    • scope (str) - The set of user claims to be requested from the IdP.

    • sessionCookieName (str) - The name of the cookie used to maintain session information.

    • sessionTimeout (float) - The maximum duration of the authentication session, in seconds.

    • userPoolArn (str) - The ARN of the Cognito user pool.

    • userPoolClientId (str) - The ID of the Cognito user pool client.

    • userPoolDomain (str) - The domain prefix or fully-qualified domain name of the Cognito user pool.

  • authenticateOidc (dict) - Information for creating an authenticate action using OIDC. Required if type is authenticate-oidc.

    • authenticationRequestExtraParams (dict) - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    • authorizationEndpoint (str) - The authorization endpoint of the IdP.

    • client_id (str) - The OAuth 2.0 client identifier.

    • client_secret (str) - The OAuth 2.0 client secret.

    • issuer (str) - The OIDC issuer identifier of the IdP.

    • onUnauthenticatedRequest (str) - The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    • scope (str) - The set of user claims to be requested from the IdP.

    • sessionCookieName (str) - The name of the cookie used to maintain session information.

    • sessionTimeout (float) - The maximum duration of the authentication session, in seconds.

    • tokenEndpoint (str) - The token endpoint of the IdP.

    • userInfoEndpoint (str) - The user info endpoint of the IdP.

  • fixedResponse (dict) - Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

    • content_type (str) - The content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

    • messageBody (str) - The message body.

    • status_code (str) - The HTTP response code. Valid values are 2XX, 4XX, or 5XX.

  • forward (dict) - Information for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn.

    • stickiness (dict) - The target group stickiness for the rule.

      • duration (float) - The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

      • enabled (bool) - Indicates whether target group stickiness is enabled.

    • targetGroups (list) - One or more target groups block.

      • arn (str) - The Amazon Resource Name (ARN) of the target group.

      • weight (float) - The weight. The range is 0 to 999.

  • order (float)

  • redirect (dict) - Information for creating a redirect action. Required if type is redirect.

    • host (str) - The hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

    • path (str) - The absolute path, starting with the leading “/”. This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

    • port (str) - The port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

    • protocol (str) - The protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

    • query (str) - The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading “?”. Defaults to #{query}.

    • status_code (str) - The HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

  • target_group_arn (str) - The ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

  • type (str) - The type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

arn: pulumi.Output[str] = None

The Amazon Resource Name (ARN) of the target group.

conditions: pulumi.Output[list] = None

A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

  • field (str) - The type of condition. Valid values are host-header or path-pattern. Must also set values.

  • hostHeader (dict) - Contains a single values item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.

    • values (list) - List of exactly one pattern to match. Required when field is set.

  • httpHeader (dict) - HTTP headers to match. HTTP Header block fields documented below.

    • httpHeaderName (str) - Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a host-header condition instead.

    • values (list) - List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

  • httpRequestMethod (dict) - Contains a single values item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.

    • values (list) - List of exactly one pattern to match. Required when field is set.

  • pathPattern (dict) - Contains a single values item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a query_string condition.

    • values (list) - List of exactly one pattern to match. Required when field is set.

  • queryStrings (list) - Query strings to match. Query String block fields documented below.

    • key (str) - Query string key pattern to match.

    • value (str) - Query string value pattern to match.

  • sourceIp (dict) - Contains a single values item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the X-Forwarded-For header, use http_header condition instead.

    • values (list) - List of exactly one pattern to match. Required when field is set.

  • values (str) - List of exactly one pattern to match. Required when field is set.

listener_arn: pulumi.Output[str] = None

The ARN of the listener to which to attach the rule.

priority: pulumi.Output[float] = None

The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can’t have multiple rules with the same priority.

static get(resource_name, id, opts=None, actions=None, arn=None, conditions=None, listener_arn=None, priority=None)

Get an existing ListenerRule resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • actions (pulumi.Input[list]) – An Action block. Action blocks are documented below.

  • arn (pulumi.Input[str]) – The Amazon Resource Name (ARN) of the target group.

  • conditions (pulumi.Input[list]) – A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

  • listener_arn (pulumi.Input[str]) – The ARN of the listener to which to attach the rule.

  • priority (pulumi.Input[float]) – The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can’t have multiple rules with the same priority.

The actions object supports the following:

  • authenticateCognito (pulumi.Input[dict]) - Information for creating an authenticate action using Cognito. Required if type is authenticate-cognito.

    • authenticationRequestExtraParams (pulumi.Input[dict]) - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    • onUnauthenticatedRequest (pulumi.Input[str]) - The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    • scope (pulumi.Input[str]) - The set of user claims to be requested from the IdP.

    • sessionCookieName (pulumi.Input[str]) - The name of the cookie used to maintain session information.

    • sessionTimeout (pulumi.Input[float]) - The maximum duration of the authentication session, in seconds.

    • userPoolArn (pulumi.Input[str]) - The ARN of the Cognito user pool.

    • userPoolClientId (pulumi.Input[str]) - The ID of the Cognito user pool client.

    • userPoolDomain (pulumi.Input[str]) - The domain prefix or fully-qualified domain name of the Cognito user pool.

  • authenticateOidc (pulumi.Input[dict]) - Information for creating an authenticate action using OIDC. Required if type is authenticate-oidc.

    • authenticationRequestExtraParams (pulumi.Input[dict]) - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    • authorizationEndpoint (pulumi.Input[str]) - The authorization endpoint of the IdP.

    • client_id (pulumi.Input[str]) - The OAuth 2.0 client identifier.

    • client_secret (pulumi.Input[str]) - The OAuth 2.0 client secret.

    • issuer (pulumi.Input[str]) - The OIDC issuer identifier of the IdP.

    • onUnauthenticatedRequest (pulumi.Input[str]) - The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    • scope (pulumi.Input[str]) - The set of user claims to be requested from the IdP.

    • sessionCookieName (pulumi.Input[str]) - The name of the cookie used to maintain session information.

    • sessionTimeout (pulumi.Input[float]) - The maximum duration of the authentication session, in seconds.

    • tokenEndpoint (pulumi.Input[str]) - The token endpoint of the IdP.

    • userInfoEndpoint (pulumi.Input[str]) - The user info endpoint of the IdP.

  • fixedResponse (pulumi.Input[dict]) - Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

    • content_type (pulumi.Input[str]) - The content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

    • messageBody (pulumi.Input[str]) - The message body.

    • status_code (pulumi.Input[str]) - The HTTP response code. Valid values are 2XX, 4XX, or 5XX.

  • forward (pulumi.Input[dict]) - Information for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn.

    • stickiness (pulumi.Input[dict]) - The target group stickiness for the rule.

      • duration (pulumi.Input[float]) - The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

      • enabled (pulumi.Input[bool]) - Indicates whether target group stickiness is enabled.

    • targetGroups (pulumi.Input[list]) - One or more target groups block.

      • arn (pulumi.Input[str]) - The Amazon Resource Name (ARN) of the target group.

      • weight (pulumi.Input[float]) - The weight. The range is 0 to 999.

  • order (pulumi.Input[float])

  • redirect (pulumi.Input[dict]) - Information for creating a redirect action. Required if type is redirect.

    • host (pulumi.Input[str]) - The hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

    • path (pulumi.Input[str]) - The absolute path, starting with the leading “/”. This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

    • port (pulumi.Input[str]) - The port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

    • protocol (pulumi.Input[str]) - The protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

    • query (pulumi.Input[str]) - The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading “?”. Defaults to #{query}.

    • status_code (pulumi.Input[str]) - The HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

  • target_group_arn (pulumi.Input[str]) - The ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

  • type (pulumi.Input[str]) - The type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

The conditions object supports the following:

  • field (pulumi.Input[str]) - The type of condition. Valid values are host-header or path-pattern. Must also set values.

  • hostHeader (pulumi.Input[dict]) - Contains a single values item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.

    • values (pulumi.Input[list]) - List of exactly one pattern to match. Required when field is set.

  • httpHeader (pulumi.Input[dict]) - HTTP headers to match. HTTP Header block fields documented below.

    • httpHeaderName (pulumi.Input[str]) - Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a host-header condition instead.

    • values (pulumi.Input[list]) - List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

  • httpRequestMethod (pulumi.Input[dict]) - Contains a single values item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.

    • values (pulumi.Input[list]) - List of exactly one pattern to match. Required when field is set.

  • pathPattern (pulumi.Input[dict]) - Contains a single values item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a query_string condition.

    • values (pulumi.Input[list]) - List of exactly one pattern to match. Required when field is set.

  • queryStrings (pulumi.Input[list]) - Query strings to match. Query String block fields documented below.

    • key (pulumi.Input[str]) - Query string key pattern to match.

    • value (pulumi.Input[str]) - Query string value pattern to match.

  • sourceIp (pulumi.Input[dict]) - Contains a single values item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the X-Forwarded-For header, use http_header condition instead.

    • values (pulumi.Input[list]) - List of exactly one pattern to match. Required when field is set.

  • values (pulumi.Input[str]) - List of exactly one pattern to match. Required when field is set.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_aws.applicationloadbalancing.LoadBalancer(resource_name, opts=None, access_logs=None, drop_invalid_header_fields=None, enable_cross_zone_load_balancing=None, enable_deletion_protection=None, enable_http2=None, idle_timeout=None, internal=None, ip_address_type=None, load_balancer_type=None, name=None, name_prefix=None, security_groups=None, subnet_mappings=None, subnets=None, tags=None, __props__=None, __name__=None, __opts__=None)

Provides a Load Balancer resource.

Note: alb.LoadBalancer is known as lb.LoadBalancer. The functionality is identical.

import pulumi
import pulumi_aws as aws

test = aws.lb.LoadBalancer("test",
    access_logs={
        "bucket": aws_s3_bucket["lb_logs"]["bucket"],
        "enabled": True,
        "prefix": "test-lb",
    },
    enable_deletion_protection=True,
    internal=False,
    load_balancer_type="application",
    security_groups=[aws_security_group["lb_sg"]["id"]],
    subnets=[[__item["id"] for __item in aws_subnet["public"]]],
    tags={
        "Environment": "production",
    })
import pulumi
import pulumi_aws as aws

test = aws.lb.LoadBalancer("test",
    enable_deletion_protection=True,
    internal=False,
    load_balancer_type="network",
    subnets=[[__item["id"] for __item in aws_subnet["public"]]],
    tags={
        "Environment": "production",
    })
import pulumi
import pulumi_aws as aws

example = aws.lb.LoadBalancer("example",
    load_balancer_type="network",
    subnet_mappings=[
        {
            "allocation_id": aws_eip["example1"]["id"],
            "subnet_id": aws_subnet["example1"]["id"],
        },
        {
            "allocation_id": aws_eip["example2"]["id"],
            "subnet_id": aws_subnet["example2"]["id"],
        },
    ])
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_logs (pulumi.Input[dict]) – An Access Logs block. Access Logs documented below.

  • drop_invalid_header_fields (pulumi.Input[bool]) – Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type application.

  • enable_cross_zone_load_balancing (pulumi.Input[bool]) – If true, cross-zone load balancing of the load balancer will be enabled. This is a network load balancer feature. Defaults to false.

  • enable_deletion_protection (pulumi.Input[bool]) – If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to false.

  • enable_http2 (pulumi.Input[bool]) – Indicates whether HTTP/2 is enabled in application load balancers. Defaults to true.

  • idle_timeout (pulumi.Input[float]) – The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type application. Default: 60.

  • internal (pulumi.Input[bool]) – If true, the LB will be internal.

  • ip_address_type (pulumi.Input[str]) – The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 and dualstack

  • load_balancer_type (pulumi.Input[str]) – The type of load balancer to create. Possible values are application or network. The default value is application.

  • name (pulumi.Input[str]) – The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with tf-lb.

  • name_prefix (pulumi.Input[str]) – Creates a unique name beginning with the specified prefix. Conflicts with name.

  • security_groups (pulumi.Input[list]) – A list of security group IDs to assign to the LB. Only valid for Load Balancers of type application.

  • subnet_mappings (pulumi.Input[list]) – A subnet mapping block as documented below.

  • subnets (pulumi.Input[list]) – A list of subnet IDs to attach to the LB. Subnets cannot be updated for Load Balancers of type network. Changing this value for load balancers of type network will force a recreation of the resource.

  • tags (pulumi.Input[dict]) – A map of tags to assign to the resource.

The access_logs object supports the following:

  • bucket (pulumi.Input[str]) - The S3 bucket name to store the logs in.

  • enabled (pulumi.Input[bool]) - Boolean to enable / disable access_logs. Defaults to false, even when bucket is specified.

  • prefix (pulumi.Input[str]) - The S3 bucket prefix. Logs are stored in the root if not configured.

The subnet_mappings object supports the following:

  • allocation_id (pulumi.Input[str]) - The allocation ID of the Elastic IP address.

  • subnet_id (pulumi.Input[str]) - The id of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.

access_logs: pulumi.Output[dict] = None

An Access Logs block. Access Logs documented below.

  • bucket (str) - The S3 bucket name to store the logs in.

  • enabled (bool) - Boolean to enable / disable access_logs. Defaults to false, even when bucket is specified.

  • prefix (str) - The S3 bucket prefix. Logs are stored in the root if not configured.

arn: pulumi.Output[str] = None

The ARN of the load balancer (matches id).

arn_suffix: pulumi.Output[str] = None

The ARN suffix for use with CloudWatch Metrics.

dns_name: pulumi.Output[str] = None

The DNS name of the load balancer.

drop_invalid_header_fields: pulumi.Output[bool] = None

Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type application.

enable_cross_zone_load_balancing: pulumi.Output[bool] = None

If true, cross-zone load balancing of the load balancer will be enabled. This is a network load balancer feature. Defaults to false.

enable_deletion_protection: pulumi.Output[bool] = None

If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to false.

enable_http2: pulumi.Output[bool] = None

Indicates whether HTTP/2 is enabled in application load balancers. Defaults to true.

idle_timeout: pulumi.Output[float] = None

The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type application. Default: 60.

internal: pulumi.Output[bool] = None

If true, the LB will be internal.

ip_address_type: pulumi.Output[str] = None

The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 and dualstack

load_balancer_type: pulumi.Output[str] = None

The type of load balancer to create. Possible values are application or network. The default value is application.

name: pulumi.Output[str] = None

The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with tf-lb.

name_prefix: pulumi.Output[str] = None

Creates a unique name beginning with the specified prefix. Conflicts with name.

security_groups: pulumi.Output[list] = None

A list of security group IDs to assign to the LB. Only valid for Load Balancers of type application.

subnet_mappings: pulumi.Output[list] = None

A subnet mapping block as documented below.

  • allocation_id (str) - The allocation ID of the Elastic IP address.

  • subnet_id (str) - The id of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.

subnets: pulumi.Output[list] = None

A list of subnet IDs to attach to the LB. Subnets cannot be updated for Load Balancers of type network. Changing this value for load balancers of type network will force a recreation of the resource.

tags: pulumi.Output[dict] = None

A map of tags to assign to the resource.

zone_id: pulumi.Output[str] = None

The canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).

static get(resource_name, id, opts=None, access_logs=None, arn=None, arn_suffix=None, dns_name=None, drop_invalid_header_fields=None, enable_cross_zone_load_balancing=None, enable_deletion_protection=None, enable_http2=None, idle_timeout=None, internal=None, ip_address_type=None, load_balancer_type=None, name=None, name_prefix=None, security_groups=None, subnet_mappings=None, subnets=None, tags=None, vpc_id=None, zone_id=None)

Get an existing LoadBalancer resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_logs (pulumi.Input[dict]) – An Access Logs block. Access Logs documented below.

  • arn (pulumi.Input[str]) – The ARN of the load balancer (matches id).

  • arn_suffix (pulumi.Input[str]) – The ARN suffix for use with CloudWatch Metrics.

  • dns_name (pulumi.Input[str]) – The DNS name of the load balancer.

  • drop_invalid_header_fields (pulumi.Input[bool]) – Indicates whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type application.

  • enable_cross_zone_load_balancing (pulumi.Input[bool]) – If true, cross-zone load balancing of the load balancer will be enabled. This is a network load balancer feature. Defaults to false.

  • enable_deletion_protection (pulumi.Input[bool]) – If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to false.

  • enable_http2 (pulumi.Input[bool]) – Indicates whether HTTP/2 is enabled in application load balancers. Defaults to true.

  • idle_timeout (pulumi.Input[float]) – The time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type application. Default: 60.

  • internal (pulumi.Input[bool]) – If true, the LB will be internal.

  • ip_address_type (pulumi.Input[str]) – The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 and dualstack

  • load_balancer_type (pulumi.Input[str]) – The type of load balancer to create. Possible values are application or network. The default value is application.

  • name (pulumi.Input[str]) – The name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with tf-lb.

  • name_prefix (pulumi.Input[str]) – Creates a unique name beginning with the specified prefix. Conflicts with name.

  • security_groups (pulumi.Input[list]) – A list of security group IDs to assign to the LB. Only valid for Load Balancers of type application.

  • subnet_mappings (pulumi.Input[list]) – A subnet mapping block as documented below.

  • subnets (pulumi.Input[list]) – A list of subnet IDs to attach to the LB. Subnets cannot be updated for Load Balancers of type network. Changing this value for load balancers of type network will force a recreation of the resource.

  • tags (pulumi.Input[dict]) – A map of tags to assign to the resource.

  • zone_id (pulumi.Input[str]) – The canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).

The access_logs object supports the following:

  • bucket (pulumi.Input[str]) - The S3 bucket name to store the logs in.

  • enabled (pulumi.Input[bool]) - Boolean to enable / disable access_logs. Defaults to false, even when bucket is specified.

  • prefix (pulumi.Input[str]) - The S3 bucket prefix. Logs are stored in the root if not configured.

The subnet_mappings object supports the following:

  • allocation_id (pulumi.Input[str]) - The allocation ID of the Elastic IP address.

  • subnet_id (pulumi.Input[str]) - The id of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_aws.applicationloadbalancing.TargetGroup(resource_name, opts=None, deregistration_delay=None, health_check=None, lambda_multi_value_headers_enabled=None, load_balancing_algorithm_type=None, name=None, name_prefix=None, port=None, protocol=None, proxy_protocol_v2=None, slow_start=None, stickiness=None, tags=None, target_type=None, vpc_id=None, __props__=None, __name__=None, __opts__=None)

Provides a Target Group resource for use with Load Balancer resources.

Note: alb.TargetGroup is known as lb.TargetGroup. The functionality is identical.

import pulumi
import pulumi_aws as aws

main = aws.ec2.Vpc("main", cidr_block="10.0.0.0/16")
test = aws.lb.TargetGroup("test",
    port=80,
    protocol="HTTP",
    vpc_id=main.id)
import pulumi
import pulumi_aws as aws

main = aws.ec2.Vpc("main", cidr_block="10.0.0.0/16")
ip_example = aws.lb.TargetGroup("ip-example",
    port=80,
    protocol="HTTP",
    target_type="ip",
    vpc_id=main.id)
import pulumi
import pulumi_aws as aws

lambda_example = aws.lb.TargetGroup("lambda-example", target_type="lambda")
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • deregistration_delay (pulumi.Input[float]) – The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.

  • health_check (pulumi.Input[dict]) – A Health Check block. Health Check blocks are documented below.

  • lambda_multi_value_headers_enabled (pulumi.Input[bool]) – Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when target_type is lambda.

  • load_balancing_algorithm_type (pulumi.Input[str]) – Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is round_robin or least_outstanding_requests. The default is round_robin.

  • name (pulumi.Input[str]) – The name of the target group. If omitted, this provider will assign a random, unique name.

  • name_prefix (pulumi.Input[str]) – Creates a unique name beginning with the specified prefix. Conflicts with name. Cannot be longer than 6 characters.

  • port (pulumi.Input[float]) – The port on which targets receive traffic, unless overridden when registering a specific target. Required when target_type is instance or ip. Does not apply when target_type is lambda.

  • protocol (pulumi.Input[str]) – The protocol to use for routing traffic to the targets. Should be one of “TCP”, “TLS”, “UDP”, “TCP_UDP”, “HTTP” or “HTTPS”. Required when target_type is instance or ip. Does not apply when target_type is lambda.

  • proxy_protocol_v2 (pulumi.Input[bool]) – Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See doc for more information.

  • slow_start (pulumi.Input[float]) – The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.

  • stickiness (pulumi.Input[dict]) – A Stickiness block. Stickiness blocks are documented below. stickiness is only valid if used with Load Balancers of type Application

  • tags (pulumi.Input[dict]) – A map of tags to assign to the resource.

  • target_type (pulumi.Input[str]) – The type of target that you must specify when registering targets with this target group. The possible values are instance (targets are specified by instance ID) or ip (targets are specified by IP address) or lambda (targets are specified by lambda arn). The default is instance. Note that you can’t specify targets for a target group using both instance IDs and IP addresses. If the target type is ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can’t specify publicly routable IP addresses.

  • vpc_id (pulumi.Input[str]) – The identifier of the VPC in which to create the target group. Required when target_type is instance or ip. Does not apply when target_type is lambda.

The health_check object supports the following:

  • enabled (pulumi.Input[bool]) - Boolean to enable / disable stickiness. Default is true

  • healthyThreshold (pulumi.Input[float]) - The number of consecutive health checks successes required before considering an unhealthy target healthy. Defaults to 3.

  • interval (pulumi.Input[float]) - The approximate amount of time, in seconds, between health checks of an individual target. Minimum value 5 seconds, Maximum value 300 seconds. For lambda target groups, it needs to be greater as the timeout of the underlying lambda. Default 30 seconds.

  • matcher (pulumi.Input[str]) - The HTTP codes to use when checking for a successful response from a target. You can specify multiple values (for example, “200,202”) or a range of values (for example, “200-299”). Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).

  • path (pulumi.Input[str]) - The destination for the health check request. Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).

  • port (pulumi.Input[str]) - The port on which targets receive traffic, unless overridden when registering a specific target. Required when target_type is instance or ip. Does not apply when target_type is lambda.

  • protocol (pulumi.Input[str]) - The protocol to use for routing traffic to the targets. Should be one of “TCP”, “TLS”, “UDP”, “TCP_UDP”, “HTTP” or “HTTPS”. Required when target_type is instance or ip. Does not apply when target_type is lambda.

  • timeout (pulumi.Input[float]) - The amount of time, in seconds, during which no response means a failed health check. For Application Load Balancers, the range is 2 to 120 seconds, and the default is 5 seconds for the instance target type and 30 seconds for the lambda target type. For Network Load Balancers, you cannot set a custom value, and the default is 10 seconds for TCP and HTTPS health checks and 6 seconds for HTTP health checks.

  • unhealthyThreshold (pulumi.Input[float]) - The number of consecutive health check failures required before considering the target unhealthy . For Network Load Balancers, this value must be the same as the healthy_threshold. Defaults to 3.

The stickiness object supports the following:

  • cookieDuration (pulumi.Input[float]) - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).

  • enabled (pulumi.Input[bool]) - Indicates whether health checks are enabled. Defaults to true.

  • type (pulumi.Input[str]) - The type of sticky sessions. The only current possible value is lb_cookie.

arn: pulumi.Output[str] = None

The ARN of the Target Group (matches id)

arn_suffix: pulumi.Output[str] = None

The ARN suffix for use with CloudWatch Metrics.

deregistration_delay: pulumi.Output[float] = None

The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.

health_check: pulumi.Output[dict] = None

A Health Check block. Health Check blocks are documented below.

  • enabled (bool) - Boolean to enable / disable stickiness. Default is true

  • healthyThreshold (float) - The number of consecutive health checks successes required before considering an unhealthy target healthy. Defaults to 3.

  • interval (float) - The approximate amount of time, in seconds, between health checks of an individual target. Minimum value 5 seconds, Maximum value 300 seconds. For lambda target groups, it needs to be greater as the timeout of the underlying lambda. Default 30 seconds.

  • matcher (str) - The HTTP codes to use when checking for a successful response from a target. You can specify multiple values (for example, “200,202”) or a range of values (for example, “200-299”). Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).

  • path (str) - The destination for the health check request. Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).

  • port (str) - The port on which targets receive traffic, unless overridden when registering a specific target. Required when target_type is instance or ip. Does not apply when target_type is lambda.

  • protocol (str) - The protocol to use for routing traffic to the targets. Should be one of “TCP”, “TLS”, “UDP”, “TCP_UDP”, “HTTP” or “HTTPS”. Required when target_type is instance or ip. Does not apply when target_type is lambda.

  • timeout (float) - The amount of time, in seconds, during which no response means a failed health check. For Application Load Balancers, the range is 2 to 120 seconds, and the default is 5 seconds for the instance target type and 30 seconds for the lambda target type. For Network Load Balancers, you cannot set a custom value, and the default is 10 seconds for TCP and HTTPS health checks and 6 seconds for HTTP health checks.

  • unhealthyThreshold (float) - The number of consecutive health check failures required before considering the target unhealthy . For Network Load Balancers, this value must be the same as the healthy_threshold. Defaults to 3.

lambda_multi_value_headers_enabled: pulumi.Output[bool] = None

Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when target_type is lambda.

load_balancing_algorithm_type: pulumi.Output[str] = None

Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is round_robin or least_outstanding_requests. The default is round_robin.

name: pulumi.Output[str] = None

The name of the target group. If omitted, this provider will assign a random, unique name.

name_prefix: pulumi.Output[str] = None

Creates a unique name beginning with the specified prefix. Conflicts with name. Cannot be longer than 6 characters.

port: pulumi.Output[float] = None

The port on which targets receive traffic, unless overridden when registering a specific target. Required when target_type is instance or ip. Does not apply when target_type is lambda.

protocol: pulumi.Output[str] = None

The protocol to use for routing traffic to the targets. Should be one of “TCP”, “TLS”, “UDP”, “TCP_UDP”, “HTTP” or “HTTPS”. Required when target_type is instance or ip. Does not apply when target_type is lambda.

proxy_protocol_v2: pulumi.Output[bool] = None

Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See doc for more information.

slow_start: pulumi.Output[float] = None

The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.

stickiness: pulumi.Output[dict] = None

A Stickiness block. Stickiness blocks are documented below. stickiness is only valid if used with Load Balancers of type Application

  • cookieDuration (float) - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).

  • enabled (bool) - Indicates whether health checks are enabled. Defaults to true.

  • type (str) - The type of sticky sessions. The only current possible value is lb_cookie.

tags: pulumi.Output[dict] = None

A map of tags to assign to the resource.

target_type: pulumi.Output[str] = None

The type of target that you must specify when registering targets with this target group. The possible values are instance (targets are specified by instance ID) or ip (targets are specified by IP address) or lambda (targets are specified by lambda arn). The default is instance. Note that you can’t specify targets for a target group using both instance IDs and IP addresses. If the target type is ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can’t specify publicly routable IP addresses.

vpc_id: pulumi.Output[str] = None

The identifier of the VPC in which to create the target group. Required when target_type is instance or ip. Does not apply when target_type is lambda.

static get(resource_name, id, opts=None, arn=None, arn_suffix=None, deregistration_delay=None, health_check=None, lambda_multi_value_headers_enabled=None, load_balancing_algorithm_type=None, name=None, name_prefix=None, port=None, protocol=None, proxy_protocol_v2=None, slow_start=None, stickiness=None, tags=None, target_type=None, vpc_id=None)

Get an existing TargetGroup resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • arn (pulumi.Input[str]) – The ARN of the Target Group (matches id)

  • arn_suffix (pulumi.Input[str]) – The ARN suffix for use with CloudWatch Metrics.

  • deregistration_delay (pulumi.Input[float]) – The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.

  • health_check (pulumi.Input[dict]) – A Health Check block. Health Check blocks are documented below.

  • lambda_multi_value_headers_enabled (pulumi.Input[bool]) – Boolean whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when target_type is lambda.

  • load_balancing_algorithm_type (pulumi.Input[str]) – Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is round_robin or least_outstanding_requests. The default is round_robin.

  • name (pulumi.Input[str]) – The name of the target group. If omitted, this provider will assign a random, unique name.

  • name_prefix (pulumi.Input[str]) – Creates a unique name beginning with the specified prefix. Conflicts with name. Cannot be longer than 6 characters.

  • port (pulumi.Input[float]) – The port on which targets receive traffic, unless overridden when registering a specific target. Required when target_type is instance or ip. Does not apply when target_type is lambda.

  • protocol (pulumi.Input[str]) – The protocol to use for routing traffic to the targets. Should be one of “TCP”, “TLS”, “UDP”, “TCP_UDP”, “HTTP” or “HTTPS”. Required when target_type is instance or ip. Does not apply when target_type is lambda.

  • proxy_protocol_v2 (pulumi.Input[bool]) –

    Boolean to enable / disable support for proxy protocol v2 on Network Load Balancers. See doc for more information.

  • slow_start (pulumi.Input[float]) – The amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.

  • stickiness (pulumi.Input[dict]) – A Stickiness block. Stickiness blocks are documented below. stickiness is only valid if used with Load Balancers of type Application

  • tags (pulumi.Input[dict]) – A map of tags to assign to the resource.

  • target_type (pulumi.Input[str]) – The type of target that you must specify when registering targets with this target group. The possible values are instance (targets are specified by instance ID) or ip (targets are specified by IP address) or lambda (targets are specified by lambda arn). The default is instance. Note that you can’t specify targets for a target group using both instance IDs and IP addresses. If the target type is ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can’t specify publicly routable IP addresses.

  • vpc_id (pulumi.Input[str]) – The identifier of the VPC in which to create the target group. Required when target_type is instance or ip. Does not apply when target_type is lambda.

The health_check object supports the following:

  • enabled (pulumi.Input[bool]) - Boolean to enable / disable stickiness. Default is true

  • healthyThreshold (pulumi.Input[float]) - The number of consecutive health checks successes required before considering an unhealthy target healthy. Defaults to 3.

  • interval (pulumi.Input[float]) - The approximate amount of time, in seconds, between health checks of an individual target. Minimum value 5 seconds, Maximum value 300 seconds. For lambda target groups, it needs to be greater as the timeout of the underlying lambda. Default 30 seconds.

  • matcher (pulumi.Input[str]) - The HTTP codes to use when checking for a successful response from a target. You can specify multiple values (for example, “200,202”) or a range of values (for example, “200-299”). Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).

  • path (pulumi.Input[str]) - The destination for the health check request. Applies to Application Load Balancers only (HTTP/HTTPS), not Network Load Balancers (TCP).

  • port (pulumi.Input[str]) - The port on which targets receive traffic, unless overridden when registering a specific target. Required when target_type is instance or ip. Does not apply when target_type is lambda.

  • protocol (pulumi.Input[str]) - The protocol to use for routing traffic to the targets. Should be one of “TCP”, “TLS”, “UDP”, “TCP_UDP”, “HTTP” or “HTTPS”. Required when target_type is instance or ip. Does not apply when target_type is lambda.

  • timeout (pulumi.Input[float]) - The amount of time, in seconds, during which no response means a failed health check. For Application Load Balancers, the range is 2 to 120 seconds, and the default is 5 seconds for the instance target type and 30 seconds for the lambda target type. For Network Load Balancers, you cannot set a custom value, and the default is 10 seconds for TCP and HTTPS health checks and 6 seconds for HTTP health checks.

  • unhealthyThreshold (pulumi.Input[float]) - The number of consecutive health check failures required before considering the target unhealthy . For Network Load Balancers, this value must be the same as the healthy_threshold. Defaults to 3.

The stickiness object supports the following:

  • cookieDuration (pulumi.Input[float]) - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).

  • enabled (pulumi.Input[bool]) - Indicates whether health checks are enabled. Defaults to true.

  • type (pulumi.Input[str]) - The type of sticky sessions. The only current possible value is lb_cookie.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_aws.applicationloadbalancing.TargetGroupAttachment(resource_name, opts=None, availability_zone=None, port=None, target_group_arn=None, target_id=None, __props__=None, __name__=None, __opts__=None)

Provides the ability to register instances and containers with an Application Load Balancer (ALB) or Network Load Balancer (NLB) target group. For attaching resources with Elastic Load Balancer (ELB), see the elb.Attachment resource.

Note: alb.TargetGroupAttachment is known as lb.TargetGroupAttachment. The functionality is identical.

import pulumi
import pulumi_aws as aws

test_target_group = aws.lb.TargetGroup("testTargetGroup")
test_instance = aws.ec2.Instance("testInstance")
test_target_group_attachment = aws.lb.TargetGroupAttachment("testTargetGroupAttachment",
    port=80,
    target_group_arn=test_target_group.arn,
    target_id=test_instance.id)
import pulumi
import pulumi_aws as aws

test_target_group = aws.lb.TargetGroup("testTargetGroup", target_type="lambda")
test_function = aws.lambda_.Function("testFunction")
with_lb = aws.lambda_.Permission("withLb",
    action="lambda:InvokeFunction",
    function=test_function.arn,
    principal="elasticloadbalancing.amazonaws.com",
    source_arn=test_target_group.arn)
test_target_group_attachment = aws.lb.TargetGroupAttachment("testTargetGroupAttachment",
    target_group_arn=test_target_group.arn,
    target_id=test_function.arn)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • availability_zone (pulumi.Input[str]) – The Availability Zone where the IP address of the target is to be registered.

  • port (pulumi.Input[float]) – The port on which targets receive traffic.

  • target_group_arn (pulumi.Input[str]) – The ARN of the target group with which to register targets

  • target_id (pulumi.Input[str]) – The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.

availability_zone: pulumi.Output[str] = None

The Availability Zone where the IP address of the target is to be registered.

port: pulumi.Output[float] = None

The port on which targets receive traffic.

target_group_arn: pulumi.Output[str] = None

The ARN of the target group with which to register targets

target_id: pulumi.Output[str] = None

The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.

static get(resource_name, id, opts=None, availability_zone=None, port=None, target_group_arn=None, target_id=None)

Get an existing TargetGroupAttachment resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • availability_zone (pulumi.Input[str]) – The Availability Zone where the IP address of the target is to be registered.

  • port (pulumi.Input[float]) – The port on which targets receive traffic.

  • target_group_arn (pulumi.Input[str]) – The ARN of the target group with which to register targets

  • target_id (pulumi.Input[str]) – The ID of the target. This is the Instance ID for an instance, or the container ID for an ECS container. If the target type is ip, specify an IP address. If the target type is lambda, specify the arn of lambda.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

pulumi_aws.applicationloadbalancing.get_listener(arn=None, load_balancer_arn=None, port=None, opts=None)

Note: alb.Listener is known as lb.Listener. The functionality is identical.

Provides information about a Load Balancer Listener.

This data source can prove useful when a module accepts an LB Listener as an input variable and needs to know the LB it is attached to, or other information specific to the listener in question.

import pulumi
import pulumi_aws as aws

config = pulumi.Config()
listener_arn = config.require_object("listenerArn")
listener = aws.lb.get_listener(arn=listener_arn)
selected = aws.lb.get_load_balancer(name="default-public")
selected443 = aws.lb.get_listener(load_balancer_arn=selected.arn,
    port=443)
Parameters
  • arn (str) – The arn of the listener. Required if load_balancer_arn and port is not set.

  • load_balancer_arn (str) – The arn of the load balancer. Required if arn is not set.

  • port (float) – The port of the listener. Required if arn is not set.

pulumi_aws.applicationloadbalancing.get_load_balancer(arn=None, name=None, tags=None, opts=None)

Note: alb.LoadBalancer is known as lb.LoadBalancer. The functionality is identical.

Provides information about a Load Balancer.

This data source can prove useful when a module accepts an LB as an input variable and needs to, for example, determine the security groups associated with it, etc.

import pulumi
import pulumi_aws as aws

config = pulumi.Config()
lb_arn = config.get("lbArn")
if lb_arn is None:
    lb_arn = ""
lb_name = config.get("lbName")
if lb_name is None:
    lb_name = ""
test = aws.lb.get_load_balancer(arn=lb_arn,
    name=lb_name)
Parameters
  • arn (str) – The full ARN of the load balancer.

  • name (str) – The unique name of the load balancer.

pulumi_aws.applicationloadbalancing.get_target_group(arn=None, name=None, tags=None, opts=None)

Note: alb.TargetGroup is known as lb.TargetGroup. The functionality is identical.

Provides information about a Load Balancer Target Group.

This data source can prove useful when a module accepts an LB Target Group as an input variable and needs to know its attributes. It can also be used to get the ARN of an LB Target Group for use in other resources, given LB Target Group name.

import pulumi
import pulumi_aws as aws

config = pulumi.Config()
lb_tg_arn = config.get("lbTgArn")
if lb_tg_arn is None:
    lb_tg_arn = ""
lb_tg_name = config.get("lbTgName")
if lb_tg_name is None:
    lb_tg_name = ""
test = aws.lb.get_target_group(arn=lb_tg_arn,
    name=lb_tg_name)
Parameters
  • arn (str) – The full ARN of the target group.

  • name (str) – The unique name of the target group.