AWS Cloud Control v1.30.0, Jun 16 25

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.30.0 published on Monday, Jun 16, 2025 by Pulumi

pulumi/pulumi-aws-native

aws-native.elasticloadbalancingv2.ListenerRule

Explore with Pulumi AI

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.30.0 published on Monday, Jun 16, 2025 by Pulumi

pulumi/pulumi-aws-native

Create ListenerRule Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new ListenerRule(name: string, args: ListenerRuleArgs, opts?: CustomResourceOptions);

@overload
def ListenerRule(resource_name: str,
                 args: ListenerRuleArgs,
                 opts: Optional[ResourceOptions] = None)

@overload
def ListenerRule(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 actions: Optional[Sequence[ListenerRuleActionArgs]] = None,
                 conditions: Optional[Sequence[ListenerRuleRuleConditionArgs]] = None,
                 priority: Optional[int] = None,
                 listener_arn: Optional[str] = None)

func NewListenerRule(ctx *Context, name string, args ListenerRuleArgs, opts ...ResourceOption) (*ListenerRule, error)

public ListenerRule(string name, ListenerRuleArgs args, CustomResourceOptions? opts = null)

public ListenerRule(String name, ListenerRuleArgs args)
public ListenerRule(String name, ListenerRuleArgs args, CustomResourceOptions options)

type: aws-native:elasticloadbalancingv2:ListenerRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ListenerRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ListenerRuleArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ListenerRuleArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ListenerRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ListenerRuleArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

ListenerRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ListenerRule resource accepts the following input properties:

Actions List<Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleAction>: The actions. The rule must include exactly one of the following types of actions: forward, fixed-response, or redirect, and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.
Conditions List<Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleRuleCondition>: The conditions. The rule can optionally include up to one of each of the following conditions: http-request-method, host-header, path-pattern, and source-ip. A rule can also optionally include one or more of each of the following conditions: http-header and query-string.
Priority int: The rule priority. A listener can't have multiple rules with the same priority. If you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.
ListenerArn string: The Amazon Resource Name (ARN) of the listener.

Actions []ListenerRuleActionArgs: The actions. The rule must include exactly one of the following types of actions: forward, fixed-response, or redirect, and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.
Conditions []ListenerRuleRuleConditionArgs: The conditions. The rule can optionally include up to one of each of the following conditions: http-request-method, host-header, path-pattern, and source-ip. A rule can also optionally include one or more of each of the following conditions: http-header and query-string.
Priority int: The rule priority. A listener can't have multiple rules with the same priority. If you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.
ListenerArn string: The Amazon Resource Name (ARN) of the listener.

actions List<ListenerRuleAction>: The actions. The rule must include exactly one of the following types of actions: forward, fixed-response, or redirect, and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.
conditions List<ListenerRuleRuleCondition>: The conditions. The rule can optionally include up to one of each of the following conditions: http-request-method, host-header, path-pattern, and source-ip. A rule can also optionally include one or more of each of the following conditions: http-header and query-string.
priority Integer: The rule priority. A listener can't have multiple rules with the same priority. If you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.
listenerArn String: The Amazon Resource Name (ARN) of the listener.

actions ListenerRuleAction[]: The actions. The rule must include exactly one of the following types of actions: forward, fixed-response, or redirect, and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.
conditions ListenerRuleRuleCondition[]: The conditions. The rule can optionally include up to one of each of the following conditions: http-request-method, host-header, path-pattern, and source-ip. A rule can also optionally include one or more of each of the following conditions: http-header and query-string.
priority number: The rule priority. A listener can't have multiple rules with the same priority. If you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.
listenerArn string: The Amazon Resource Name (ARN) of the listener.

actions Sequence[ListenerRuleActionArgs]: The actions. The rule must include exactly one of the following types of actions: forward, fixed-response, or redirect, and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.
conditions Sequence[ListenerRuleRuleConditionArgs]: The conditions. The rule can optionally include up to one of each of the following conditions: http-request-method, host-header, path-pattern, and source-ip. A rule can also optionally include one or more of each of the following conditions: http-header and query-string.
priority int: The rule priority. A listener can't have multiple rules with the same priority. If you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.
listener_arn str: The Amazon Resource Name (ARN) of the listener.

actions List<Property Map>: The actions. The rule must include exactly one of the following types of actions: forward, fixed-response, or redirect, and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.
conditions List<Property Map>: The conditions. The rule can optionally include up to one of each of the following conditions: http-request-method, host-header, path-pattern, and source-ip. A rule can also optionally include one or more of each of the following conditions: http-header and query-string.
priority Number: The rule priority. A listener can't have multiple rules with the same priority. If you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.
listenerArn String: The Amazon Resource Name (ARN) of the listener.

Outputs

All input properties are implicitly available as output properties. Additionally, the ListenerRule resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
IsDefault bool: Indicates whether this is the default rule.
RuleArn string: The Amazon Resource Name (ARN) of the rule.

Id string: The provider-assigned unique ID for this managed resource.
IsDefault bool: Indicates whether this is the default rule.
RuleArn string: The Amazon Resource Name (ARN) of the rule.

id String: The provider-assigned unique ID for this managed resource.
isDefault Boolean: Indicates whether this is the default rule.
ruleArn String: The Amazon Resource Name (ARN) of the rule.

id string: The provider-assigned unique ID for this managed resource.
isDefault boolean: Indicates whether this is the default rule.
ruleArn string: The Amazon Resource Name (ARN) of the rule.

id str: The provider-assigned unique ID for this managed resource.
is_default bool: Indicates whether this is the default rule.
rule_arn str: The Amazon Resource Name (ARN) of the rule.

id String: The provider-assigned unique ID for this managed resource.
isDefault Boolean: Indicates whether this is the default rule.
ruleArn String: The Amazon Resource Name (ARN) of the rule.

Supporting Types

ListenerRuleAction, ListenerRuleActionArgs

Type string: The type of action.
AuthenticateCognitoConfig Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleAuthenticateCognitoConfig: [HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when Type is authenticate-cognito.
AuthenticateOidcConfig Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleAuthenticateOidcConfig: [HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when Type is authenticate-oidc.
FixedResponseConfig Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleFixedResponseConfig: [Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when Type is fixed-response.
ForwardConfig Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleForwardConfig: Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when Type is forward. If you specify both ForwardConfig and TargetGroupArn, you can specify only one target group using ForwardConfig and it must be the same target group specified in TargetGroupArn.
Order int: The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.
RedirectConfig Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleRedirectConfig: [Application Load Balancer] Information for creating a redirect action. Specify only when Type is redirect.
TargetGroupArn string: The Amazon Resource Name (ARN) of the target group. Specify only when Type is forward and you want to route to a single target group. To route to one or more target groups, use ForwardConfig instead.

Type string: The type of action.
AuthenticateCognitoConfig ListenerRuleAuthenticateCognitoConfig: [HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when Type is authenticate-cognito.
AuthenticateOidcConfig ListenerRuleAuthenticateOidcConfig: [HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when Type is authenticate-oidc.
FixedResponseConfig ListenerRuleFixedResponseConfig: [Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when Type is fixed-response.
ForwardConfig ListenerRuleForwardConfig: Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when Type is forward. If you specify both ForwardConfig and TargetGroupArn, you can specify only one target group using ForwardConfig and it must be the same target group specified in TargetGroupArn.
Order int: The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.
RedirectConfig ListenerRuleRedirectConfig: [Application Load Balancer] Information for creating a redirect action. Specify only when Type is redirect.
TargetGroupArn string: The Amazon Resource Name (ARN) of the target group. Specify only when Type is forward and you want to route to a single target group. To route to one or more target groups, use ForwardConfig instead.

type String: The type of action.
authenticateCognitoConfig ListenerRuleAuthenticateCognitoConfig: [HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when Type is authenticate-cognito.
authenticateOidcConfig ListenerRuleAuthenticateOidcConfig: [HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when Type is authenticate-oidc.
fixedResponseConfig ListenerRuleFixedResponseConfig: [Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when Type is fixed-response.
forwardConfig ListenerRuleForwardConfig: Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when Type is forward. If you specify both ForwardConfig and TargetGroupArn, you can specify only one target group using ForwardConfig and it must be the same target group specified in TargetGroupArn.
order Integer: The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.
redirectConfig ListenerRuleRedirectConfig: [Application Load Balancer] Information for creating a redirect action. Specify only when Type is redirect.
targetGroupArn String: The Amazon Resource Name (ARN) of the target group. Specify only when Type is forward and you want to route to a single target group. To route to one or more target groups, use ForwardConfig instead.

type string: The type of action.
authenticateCognitoConfig ListenerRuleAuthenticateCognitoConfig: [HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when Type is authenticate-cognito.
authenticateOidcConfig ListenerRuleAuthenticateOidcConfig: [HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when Type is authenticate-oidc.
fixedResponseConfig ListenerRuleFixedResponseConfig: [Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when Type is fixed-response.
forwardConfig ListenerRuleForwardConfig: Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when Type is forward. If you specify both ForwardConfig and TargetGroupArn, you can specify only one target group using ForwardConfig and it must be the same target group specified in TargetGroupArn.
order number: The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.
redirectConfig ListenerRuleRedirectConfig: [Application Load Balancer] Information for creating a redirect action. Specify only when Type is redirect.
targetGroupArn string: The Amazon Resource Name (ARN) of the target group. Specify only when Type is forward and you want to route to a single target group. To route to one or more target groups, use ForwardConfig instead.

type str: The type of action.
authenticate_cognito_config ListenerRuleAuthenticateCognitoConfig: [HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when Type is authenticate-cognito.
authenticate_oidc_config ListenerRuleAuthenticateOidcConfig: [HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when Type is authenticate-oidc.
fixed_response_config ListenerRuleFixedResponseConfig: [Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when Type is fixed-response.
forward_config ListenerRuleForwardConfig: Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when Type is forward. If you specify both ForwardConfig and TargetGroupArn, you can specify only one target group using ForwardConfig and it must be the same target group specified in TargetGroupArn.
order int: The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.
redirect_config ListenerRuleRedirectConfig: [Application Load Balancer] Information for creating a redirect action. Specify only when Type is redirect.
target_group_arn str: The Amazon Resource Name (ARN) of the target group. Specify only when Type is forward and you want to route to a single target group. To route to one or more target groups, use ForwardConfig instead.

type String: The type of action.
authenticateCognitoConfig Property Map: [HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when Type is authenticate-cognito.
authenticateOidcConfig Property Map: [HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when Type is authenticate-oidc.
fixedResponseConfig Property Map: [Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when Type is fixed-response.
forwardConfig Property Map: Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when Type is forward. If you specify both ForwardConfig and TargetGroupArn, you can specify only one target group using ForwardConfig and it must be the same target group specified in TargetGroupArn.
order Number: The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.
redirectConfig Property Map: [Application Load Balancer] Information for creating a redirect action. Specify only when Type is redirect.
targetGroupArn String: The Amazon Resource Name (ARN) of the target group. Specify only when Type is forward and you want to route to a single target group. To route to one or more target groups, use ForwardConfig instead.

ListenerRuleAuthenticateCognitoConfig, ListenerRuleAuthenticateCognitoConfigArgs

UserPoolArn string

The Amazon Resource Name (ARN) of the Amazon Cognito user pool.

UserPoolClientId string

The ID of the Amazon Cognito user pool client.

UserPoolDomain string

The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.

AuthenticationRequestExtraParams Dictionary<string, string>

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

OnUnauthenticatedRequest string

The behavior if the user is not authenticated. The following are possible values:

deny```` - Return an HTTP 401 Unauthorized error.
allow```` - Allow the request to be forwarded to the target.
authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value.

Scope string

The set of user claims to be requested from the IdP. The default is openid. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

SessionCookieName string

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

SessionTimeout int

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

UserPoolArn string

The Amazon Resource Name (ARN) of the Amazon Cognito user pool.

UserPoolClientId string

The ID of the Amazon Cognito user pool client.

UserPoolDomain string

The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.

AuthenticationRequestExtraParams map[string]string

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

OnUnauthenticatedRequest string

The behavior if the user is not authenticated. The following are possible values:

deny```` - Return an HTTP 401 Unauthorized error.
allow```` - Allow the request to be forwarded to the target.
authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value.

Scope string

The set of user claims to be requested from the IdP. The default is openid. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

SessionCookieName string

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

SessionTimeout int

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

userPoolArn String

The Amazon Resource Name (ARN) of the Amazon Cognito user pool.

userPoolClientId String

The ID of the Amazon Cognito user pool client.

userPoolDomain String

The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.

authenticationRequestExtraParams Map<String,String>

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

onUnauthenticatedRequest String

The behavior if the user is not authenticated. The following are possible values:

deny```` - Return an HTTP 401 Unauthorized error.
allow```` - Allow the request to be forwarded to the target.
authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value.

scope String

The set of user claims to be requested from the IdP. The default is openid. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

sessionCookieName String

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

sessionTimeout Integer

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

userPoolArn string

The Amazon Resource Name (ARN) of the Amazon Cognito user pool.

userPoolClientId string

The ID of the Amazon Cognito user pool client.

userPoolDomain string

The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.

authenticationRequestExtraParams {[key: string]: string}

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

onUnauthenticatedRequest string

The behavior if the user is not authenticated. The following are possible values:

deny```` - Return an HTTP 401 Unauthorized error.
allow```` - Allow the request to be forwarded to the target.
authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value.

scope string

The set of user claims to be requested from the IdP. The default is openid. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

sessionCookieName string

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

sessionTimeout number

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

user_pool_arn str

The Amazon Resource Name (ARN) of the Amazon Cognito user pool.

user_pool_client_id str

The ID of the Amazon Cognito user pool client.

user_pool_domain str

The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.

authentication_request_extra_params Mapping[str, str]

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

on_unauthenticated_request str

The behavior if the user is not authenticated. The following are possible values:

deny```` - Return an HTTP 401 Unauthorized error.
allow```` - Allow the request to be forwarded to the target.
authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value.

scope str

The set of user claims to be requested from the IdP. The default is openid. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

session_cookie_name str

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

session_timeout int

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

userPoolArn String

The Amazon Resource Name (ARN) of the Amazon Cognito user pool.

userPoolClientId String

The ID of the Amazon Cognito user pool client.

userPoolDomain String

The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.

authenticationRequestExtraParams Map<String>

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

onUnauthenticatedRequest String

The behavior if the user is not authenticated. The following are possible values:

deny```` - Return an HTTP 401 Unauthorized error.
allow```` - Allow the request to be forwarded to the target.
authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value.

scope String

The set of user claims to be requested from the IdP. The default is openid. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

sessionCookieName String

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

sessionTimeout Number

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

ListenerRuleAuthenticateOidcConfig, ListenerRuleAuthenticateOidcConfigArgs

AuthorizationEndpoint string

The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

ClientId string

The OAuth 2.0 client identifier.

Issuer string

The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

TokenEndpoint string

The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

UserInfoEndpoint string

The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

AuthenticationRequestExtraParams Dictionary<string, string>

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

ClientSecret string

The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.

OnUnauthenticatedRequest string

The behavior if the user is not authenticated. The following are possible values:

deny```` - Return an HTTP 401 Unauthorized error.
allow```` - Allow the request to be forwarded to the target.
authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value.

Scope string

The set of user claims to be requested from the IdP. The default is openid. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

SessionCookieName string

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

SessionTimeout int

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

UseExistingClientSecret bool

Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.

AuthorizationEndpoint string

The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

ClientId string

The OAuth 2.0 client identifier.

Issuer string

The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

TokenEndpoint string

The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

UserInfoEndpoint string

The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

AuthenticationRequestExtraParams map[string]string

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

ClientSecret string

The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.

OnUnauthenticatedRequest string

The behavior if the user is not authenticated. The following are possible values:

deny```` - Return an HTTP 401 Unauthorized error.
allow```` - Allow the request to be forwarded to the target.
authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value.

Scope string

The set of user claims to be requested from the IdP. The default is openid. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

SessionCookieName string

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

SessionTimeout int

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

UseExistingClientSecret bool

Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.

authorizationEndpoint String

The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

clientId String

The OAuth 2.0 client identifier.

issuer String

The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

tokenEndpoint String

The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

userInfoEndpoint String

The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

authenticationRequestExtraParams Map<String,String>

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

clientSecret String

The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.

onUnauthenticatedRequest String

The behavior if the user is not authenticated. The following are possible values:

deny```` - Return an HTTP 401 Unauthorized error.
allow```` - Allow the request to be forwarded to the target.
authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value.

scope String

The set of user claims to be requested from the IdP. The default is openid. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

sessionCookieName String

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

sessionTimeout Integer

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

useExistingClientSecret Boolean

Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.

authorizationEndpoint string

The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

clientId string

The OAuth 2.0 client identifier.

issuer string

The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

tokenEndpoint string

The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

userInfoEndpoint string

The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

authenticationRequestExtraParams {[key: string]: string}

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

clientSecret string

The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.

onUnauthenticatedRequest string

The behavior if the user is not authenticated. The following are possible values:

deny```` - Return an HTTP 401 Unauthorized error.
allow```` - Allow the request to be forwarded to the target.
authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value.

scope string

The set of user claims to be requested from the IdP. The default is openid. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

sessionCookieName string

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

sessionTimeout number

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

useExistingClientSecret boolean

Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.

authorization_endpoint str

The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

client_id str

The OAuth 2.0 client identifier.

issuer str

The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

token_endpoint str

The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

user_info_endpoint str

The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

authentication_request_extra_params Mapping[str, str]

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

client_secret str

The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.

on_unauthenticated_request str

The behavior if the user is not authenticated. The following are possible values:

deny```` - Return an HTTP 401 Unauthorized error.
allow```` - Allow the request to be forwarded to the target.
authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value.

scope str

The set of user claims to be requested from the IdP. The default is openid. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

session_cookie_name str

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

session_timeout int

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

use_existing_client_secret bool

Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.

authorizationEndpoint String

The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

clientId String

The OAuth 2.0 client identifier.

issuer String

The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

tokenEndpoint String

The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

userInfoEndpoint String

The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

authenticationRequestExtraParams Map<String>

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

clientSecret String

The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.

onUnauthenticatedRequest String

The behavior if the user is not authenticated. The following are possible values:

deny```` - Return an HTTP 401 Unauthorized error.
allow```` - Allow the request to be forwarded to the target.
authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value.

scope String

The set of user claims to be requested from the IdP. The default is openid. To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

sessionCookieName String

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

sessionTimeout Number

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

useExistingClientSecret Boolean

Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.

ListenerRuleFixedResponseConfig, ListenerRuleFixedResponseConfigArgs

StatusCode string: The HTTP response code (2XX, 4XX, or 5XX).
ContentType string: The content type. Valid Values: text/plain | text/css | text/html | application/javascript | application/json
MessageBody string: The message.

StatusCode string: The HTTP response code (2XX, 4XX, or 5XX).
ContentType string: The content type. Valid Values: text/plain | text/css | text/html | application/javascript | application/json
MessageBody string: The message.

statusCode String: The HTTP response code (2XX, 4XX, or 5XX).
contentType String: The content type. Valid Values: text/plain | text/css | text/html | application/javascript | application/json
messageBody String: The message.

statusCode string: The HTTP response code (2XX, 4XX, or 5XX).
contentType string: The content type. Valid Values: text/plain | text/css | text/html | application/javascript | application/json
messageBody string: The message.

status_code str: The HTTP response code (2XX, 4XX, or 5XX).
content_type str: The content type. Valid Values: text/plain | text/css | text/html | application/javascript | application/json
message_body str: The message.

statusCode String: The HTTP response code (2XX, 4XX, or 5XX).
contentType String: The content type. Valid Values: text/plain | text/css | text/html | application/javascript | application/json
messageBody String: The message.

ListenerRuleForwardConfig, ListenerRuleForwardConfigArgs

TargetGroupStickinessConfig Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleTargetGroupStickinessConfig: Information about the target group stickiness for a rule.
TargetGroups List<Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleTargetGroupTuple>: Information about how traffic will be distributed between multiple target groups in a forward rule.

TargetGroupStickinessConfig ListenerRuleTargetGroupStickinessConfig: Information about the target group stickiness for a rule.
TargetGroups []ListenerRuleTargetGroupTuple: Information about how traffic will be distributed between multiple target groups in a forward rule.

targetGroupStickinessConfig ListenerRuleTargetGroupStickinessConfig: Information about the target group stickiness for a rule.
targetGroups List<ListenerRuleTargetGroupTuple>: Information about how traffic will be distributed between multiple target groups in a forward rule.

targetGroupStickinessConfig ListenerRuleTargetGroupStickinessConfig: Information about the target group stickiness for a rule.
targetGroups ListenerRuleTargetGroupTuple[]: Information about how traffic will be distributed between multiple target groups in a forward rule.

target_group_stickiness_config ListenerRuleTargetGroupStickinessConfig: Information about the target group stickiness for a rule.
target_groups Sequence[ListenerRuleTargetGroupTuple]: Information about how traffic will be distributed between multiple target groups in a forward rule.

targetGroupStickinessConfig Property Map: Information about the target group stickiness for a rule.
targetGroups List<Property Map>: Information about how traffic will be distributed between multiple target groups in a forward rule.

ListenerRuleHostHeaderConfig, ListenerRuleHostHeaderConfigArgs

Values List<string>: The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If you specify multiple strings, the condition is satisfied if one of the strings matches the host name.

Values []string: The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If you specify multiple strings, the condition is satisfied if one of the strings matches the host name.

values List<String>: The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If you specify multiple strings, the condition is satisfied if one of the strings matches the host name.

values string[]: The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If you specify multiple strings, the condition is satisfied if one of the strings matches the host name.

values Sequence[str]: The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If you specify multiple strings, the condition is satisfied if one of the strings matches the host name.

values List<String>: The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If you specify multiple strings, the condition is satisfied if one of the strings matches the host name.

ListenerRuleHttpHeaderConfig, ListenerRuleHttpHeaderConfigArgs

HttpHeaderName string: The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.
Values List<string>: The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request, we search them in order until a match is found. If you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.

HttpHeaderName string: The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.
Values []string: The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request, we search them in order until a match is found. If you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.

httpHeaderName String: The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.
values List<String>: The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request, we search them in order until a match is found. If you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.

httpHeaderName string: The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.
values string[]: The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request, we search them in order until a match is found. If you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.

http_header_name str: The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.
values Sequence[str]: The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request, we search them in order until a match is found. If you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.

httpHeaderName String: The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.
values List<String>: The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request, we search them in order until a match is found. If you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.

ListenerRuleHttpRequestMethodConfig, ListenerRuleHttpRequestMethodConfigArgs

Values List<string>: The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match. If you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.

Values []string: The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match. If you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.

values List<String>: The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match. If you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.

values string[]: The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match. If you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.

values Sequence[str]: The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match. If you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.

values List<String>: The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match. If you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.

ListenerRulePathPatternConfig, ListenerRulePathPatternConfigArgs

Values List<string>: The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.

Values []string: The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.

values List<String>: The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.

values string[]: The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.

values Sequence[str]: The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.

values List<String>: The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.

ListenerRuleQueryStringConfig, ListenerRuleQueryStringConfigArgs

Values List<Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleQueryStringKeyValue>: The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in Values using a '' character. If you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.

Values []ListenerRuleQueryStringKeyValue: The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in Values using a '' character. If you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.

values List<ListenerRuleQueryStringKeyValue>: The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in Values using a '' character. If you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.

values ListenerRuleQueryStringKeyValue[]: The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in Values using a '' character. If you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.

values Sequence[ListenerRuleQueryStringKeyValue]: The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in Values using a '' character. If you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.

values List<Property Map>: The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in Values using a '' character. If you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.

ListenerRuleQueryStringKeyValue, ListenerRuleQueryStringKeyValueArgs

Key string: The key. You can omit the key.
Value string: The value.

Key string: The key. You can omit the key.
Value string: The value.

key String: The key. You can omit the key.
value String: The value.

key string: The key. You can omit the key.
value string: The value.

key str: The key. You can omit the key.
value str: The value.

key String: The key. You can omit the key.
value String: The value.

ListenerRuleRedirectConfig, ListenerRuleRedirectConfigArgs

StatusCode string: The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).
Host string: The hostname. This component is not percent-encoded. The hostname can contain #{host}.
Path string: The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.
Port string: The port. You can specify a value from 1 to 65535 or #{port}.
Protocol string: The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.
Query string: The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?", as it is automatically added. You can specify any of the reserved keywords.

StatusCode string: The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).
Host string: The hostname. This component is not percent-encoded. The hostname can contain #{host}.
Path string: The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.
Port string: The port. You can specify a value from 1 to 65535 or #{port}.
Protocol string: The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.
Query string: The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?", as it is automatically added. You can specify any of the reserved keywords.

statusCode String: The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).
host String: The hostname. This component is not percent-encoded. The hostname can contain #{host}.
path String: The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.
port String: The port. You can specify a value from 1 to 65535 or #{port}.
protocol String: The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.
query String: The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?", as it is automatically added. You can specify any of the reserved keywords.

statusCode string: The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).
host string: The hostname. This component is not percent-encoded. The hostname can contain #{host}.
path string: The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.
port string: The port. You can specify a value from 1 to 65535 or #{port}.
protocol string: The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.
query string: The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?", as it is automatically added. You can specify any of the reserved keywords.

status_code str: The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).
host str: The hostname. This component is not percent-encoded. The hostname can contain #{host}.
path str: The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.
port str: The port. You can specify a value from 1 to 65535 or #{port}.
protocol str: The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.
query str: The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?", as it is automatically added. You can specify any of the reserved keywords.

statusCode String: The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).
host String: The hostname. This component is not percent-encoded. The hostname can contain #{host}.
path String: The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.
port String: The port. You can specify a value from 1 to 65535 or #{port}.
protocol String: The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP.
query String: The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?", as it is automatically added. You can specify any of the reserved keywords.

ListenerRuleRuleCondition, ListenerRuleRuleConditionArgs

Field string

The field in the HTTP request. The following are the possible values:

http-header
http-request-method
host-header
path-pattern
query-string
source-ip

HostHeaderConfig Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleHostHeaderConfig

Information for a host header condition. Specify only when Field is host-header.

HttpHeaderConfig Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleHttpHeaderConfig

Information for an HTTP header condition. Specify only when Field is http-header.

HttpRequestMethodConfig Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleHttpRequestMethodConfig

Information for an HTTP method condition. Specify only when Field is http-request-method.

PathPatternConfig Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRulePathPatternConfig

Information for a path pattern condition. Specify only when Field is path-pattern.

QueryStringConfig Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleQueryStringConfig

Information for a query string condition. Specify only when Field is query-string.

SourceIpConfig Pulumi.AwsNative.ElasticLoadBalancingV2.Inputs.ListenerRuleSourceIpConfig

Information for a source IP condition. Specify only when Field is source-ip.

Values List<string>

The condition value. Specify only when Field is host-header or path-pattern. Alternatively, to specify multiple host names or multiple path patterns, use HostHeaderConfig or PathPatternConfig. If Field is host-header and you're not using HostHeaderConfig, you can specify a single host name (for example, my.example.com). A host name is case insensitive, can be up to 128 characters in length, and can contain any of the following characters.

A-Z, a-z, 0-9
- .
- (matches 0 or more characters)
? (matches exactly 1 character)

If Field is path-pattern and you're not using PathPatternConfig, you can specify a single path pattern (for example, /img/*). A path pattern is case-sensitive, can be up to 128 characters in length, and can contain any of the following characters.

A-Z, a-z, 0-9
_ - . $ / ~ " ' @ : +
& (using &)
- (matches 0 or more characters)
? (matches exactly 1 character)

Field string

The field in the HTTP request. The following are the possible values:

http-header
http-request-method
host-header
path-pattern
query-string
source-ip

HostHeaderConfig ListenerRuleHostHeaderConfig

Information for a host header condition. Specify only when Field is host-header.

HttpHeaderConfig ListenerRuleHttpHeaderConfig

Information for an HTTP header condition. Specify only when Field is http-header.

HttpRequestMethodConfig ListenerRuleHttpRequestMethodConfig

Information for an HTTP method condition. Specify only when Field is http-request-method.

PathPatternConfig ListenerRulePathPatternConfig

Information for a path pattern condition. Specify only when Field is path-pattern.

QueryStringConfig ListenerRuleQueryStringConfig

Information for a query string condition. Specify only when Field is query-string.

SourceIpConfig ListenerRuleSourceIpConfig

Information for a source IP condition. Specify only when Field is source-ip.

Values []string

A-Z, a-z, 0-9
- .
- (matches 0 or more characters)
? (matches exactly 1 character)

A-Z, a-z, 0-9
_ - . $ / ~ " ' @ : +
& (using &)
- (matches 0 or more characters)
? (matches exactly 1 character)

field String

The field in the HTTP request. The following are the possible values:

http-header
http-request-method
host-header
path-pattern
query-string
source-ip

hostHeaderConfig ListenerRuleHostHeaderConfig

Information for a host header condition. Specify only when Field is host-header.

httpHeaderConfig ListenerRuleHttpHeaderConfig

Information for an HTTP header condition. Specify only when Field is http-header.

httpRequestMethodConfig ListenerRuleHttpRequestMethodConfig

Information for an HTTP method condition. Specify only when Field is http-request-method.

pathPatternConfig ListenerRulePathPatternConfig

Information for a path pattern condition. Specify only when Field is path-pattern.

queryStringConfig ListenerRuleQueryStringConfig

Information for a query string condition. Specify only when Field is query-string.

sourceIpConfig ListenerRuleSourceIpConfig

Information for a source IP condition. Specify only when Field is source-ip.

values List<String>

A-Z, a-z, 0-9
- .
- (matches 0 or more characters)
? (matches exactly 1 character)

A-Z, a-z, 0-9
_ - . $ / ~ " ' @ : +
& (using &)
- (matches 0 or more characters)
? (matches exactly 1 character)

field string

The field in the HTTP request. The following are the possible values:

http-header
http-request-method
host-header
path-pattern
query-string
source-ip

hostHeaderConfig ListenerRuleHostHeaderConfig

Information for a host header condition. Specify only when Field is host-header.

httpHeaderConfig ListenerRuleHttpHeaderConfig

Information for an HTTP header condition. Specify only when Field is http-header.

httpRequestMethodConfig ListenerRuleHttpRequestMethodConfig

Information for an HTTP method condition. Specify only when Field is http-request-method.

pathPatternConfig ListenerRulePathPatternConfig

Information for a path pattern condition. Specify only when Field is path-pattern.

queryStringConfig ListenerRuleQueryStringConfig

Information for a query string condition. Specify only when Field is query-string.

sourceIpConfig ListenerRuleSourceIpConfig

Information for a source IP condition. Specify only when Field is source-ip.

values string[]

A-Z, a-z, 0-9
- .
- (matches 0 or more characters)
? (matches exactly 1 character)

A-Z, a-z, 0-9
_ - . $ / ~ " ' @ : +
& (using &)
- (matches 0 or more characters)
? (matches exactly 1 character)

field str

The field in the HTTP request. The following are the possible values:

http-header
http-request-method
host-header
path-pattern
query-string
source-ip

host_header_config ListenerRuleHostHeaderConfig

Information for a host header condition. Specify only when Field is host-header.

http_header_config ListenerRuleHttpHeaderConfig

Information for an HTTP header condition. Specify only when Field is http-header.

http_request_method_config ListenerRuleHttpRequestMethodConfig

Information for an HTTP method condition. Specify only when Field is http-request-method.

path_pattern_config ListenerRulePathPatternConfig

Information for a path pattern condition. Specify only when Field is path-pattern.

query_string_config ListenerRuleQueryStringConfig

Information for a query string condition. Specify only when Field is query-string.

source_ip_config ListenerRuleSourceIpConfig

Information for a source IP condition. Specify only when Field is source-ip.

values Sequence[str]

A-Z, a-z, 0-9
- .
- (matches 0 or more characters)
? (matches exactly 1 character)

A-Z, a-z, 0-9
_ - . $ / ~ " ' @ : +
& (using &)
- (matches 0 or more characters)
? (matches exactly 1 character)

field String

The field in the HTTP request. The following are the possible values:

http-header
http-request-method
host-header
path-pattern
query-string
source-ip

hostHeaderConfig Property Map

Information for a host header condition. Specify only when Field is host-header.

httpHeaderConfig Property Map

Information for an HTTP header condition. Specify only when Field is http-header.

httpRequestMethodConfig Property Map

Information for an HTTP method condition. Specify only when Field is http-request-method.

pathPatternConfig Property Map

Information for a path pattern condition. Specify only when Field is path-pattern.

queryStringConfig Property Map

Information for a query string condition. Specify only when Field is query-string.

sourceIpConfig Property Map

Information for a source IP condition. Specify only when Field is source-ip.

values List<String>

A-Z, a-z, 0-9
- .
- (matches 0 or more characters)
? (matches exactly 1 character)

A-Z, a-z, 0-9
_ - . $ / ~ " ' @ : +
& (using &)
- (matches 0 or more characters)
? (matches exactly 1 character)

ListenerRuleSourceIpConfig, ListenerRuleSourceIpConfigArgs

Values List<string>: The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. If you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.

Values []string: The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. If you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.

values List<String>: The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. If you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.

values string[]: The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. If you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.

values Sequence[str]: The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. If you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.

values List<String>: The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. If you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.

ListenerRuleTargetGroupStickinessConfig, ListenerRuleTargetGroupStickinessConfigArgs

DurationSeconds int: The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).
Enabled bool: Indicates whether target group stickiness is enabled.

DurationSeconds int: The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).
Enabled bool: Indicates whether target group stickiness is enabled.

durationSeconds Integer: The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).
enabled Boolean: Indicates whether target group stickiness is enabled.

durationSeconds number: The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).
enabled boolean: Indicates whether target group stickiness is enabled.

duration_seconds int: The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).
enabled bool: Indicates whether target group stickiness is enabled.

durationSeconds Number: The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).
enabled Boolean: Indicates whether target group stickiness is enabled.

ListenerRuleTargetGroupTuple, ListenerRuleTargetGroupTupleArgs

TargetGroupArn string: The Amazon Resource Name (ARN) of the target group.
Weight int: The weight. The range is 0 to 999.

TargetGroupArn string: The Amazon Resource Name (ARN) of the target group.
Weight int: The weight. The range is 0 to 999.

targetGroupArn String: The Amazon Resource Name (ARN) of the target group.
weight Integer: The weight. The range is 0 to 999.

targetGroupArn string: The Amazon Resource Name (ARN) of the target group.
weight number: The weight. The range is 0 to 999.

target_group_arn str: The Amazon Resource Name (ARN) of the target group.
weight int: The weight. The range is 0 to 999.

targetGroupArn String: The Amazon Resource Name (ARN) of the target group.
weight Number: The weight. The range is 0 to 999.

Package Details

Repository: AWS Native pulumi/pulumi-aws-native
License: Apache-2.0

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.30.0 published on Monday, Jun 16, 2025 by Pulumi

pulumi/pulumi-aws-native

aws-native.elasticloadbalancingv2.ListenerRule

On this page

On this page

Create ListenerRule Resource

Constructor syntax

Parameters

ListenerRule Resource Properties

Inputs

Outputs

Supporting Types

ListenerRuleAction, ListenerRuleActionArgs

ListenerRuleAuthenticateCognitoConfig, ListenerRuleAuthenticateCognitoConfigArgs

ListenerRuleAuthenticateOidcConfig, ListenerRuleAuthenticateOidcConfigArgs

ListenerRuleFixedResponseConfig, ListenerRuleFixedResponseConfigArgs

ListenerRuleForwardConfig, ListenerRuleForwardConfigArgs

ListenerRuleHostHeaderConfig, ListenerRuleHostHeaderConfigArgs

ListenerRuleHttpHeaderConfig, ListenerRuleHttpHeaderConfigArgs

ListenerRuleHttpRequestMethodConfig, ListenerRuleHttpRequestMethodConfigArgs

ListenerRulePathPatternConfig, ListenerRulePathPatternConfigArgs

ListenerRuleQueryStringConfig, ListenerRuleQueryStringConfigArgs

ListenerRuleQueryStringKeyValue, ListenerRuleQueryStringKeyValueArgs

ListenerRuleRedirectConfig, ListenerRuleRedirectConfigArgs

ListenerRuleRuleCondition, ListenerRuleRuleConditionArgs

ListenerRuleSourceIpConfig, ListenerRuleSourceIpConfigArgs

ListenerRuleTargetGroupStickinessConfig, ListenerRuleTargetGroupStickinessConfigArgs

ListenerRuleTargetGroupTuple, ListenerRuleTargetGroupTupleArgs

Package Details

On this page

On this page