Docs
PackagesTry AWS Native preview for resources not in the classic version.
aws.applicationloadbalancing.Listener
Explore with Pulumi AI
Try AWS Native preview for resources not in the classic version.
Deprecated:
aws.applicationloadbalancing.Listener has been deprecated in favor of aws.alb.Listener
Provides a Load Balancer Listener resource.
Note:
aws.alb.Listeneris known asaws.lb.Listener. The functionality is identical.
Example Usage
Forward Action
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer");
// ...
var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup");
// ...
var frontEndListener = new Aws.LB.Listener("frontEndListener", new()
{
LoadBalancerArn = frontEndLoadBalancer.Arn,
Port = 443,
Protocol = "HTTPS",
SslPolicy = "ELBSecurityPolicy-2016-08",
CertificateArn = "arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
DefaultActions = new[]
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
Type = "forward",
TargetGroupArn = frontEndTargetGroup.Arn,
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
frontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, "frontEndLoadBalancer", nil)
if err != nil {
return err
}
frontEndTargetGroup, err := lb.NewTargetGroup(ctx, "frontEndTargetGroup", nil)
if err != nil {
return err
}
_, err = lb.NewListener(ctx, "frontEndListener", &lb.ListenerArgs{
LoadBalancerArn: frontEndLoadBalancer.Arn,
Port: pulumi.Int(443),
Protocol: pulumi.String("HTTPS"),
SslPolicy: pulumi.String("ELBSecurityPolicy-2016-08"),
CertificateArn: pulumi.String("arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4"),
DefaultActions: lb.ListenerDefaultActionArray{
&lb.ListenerDefaultActionArgs{
Type: pulumi.String("forward"),
TargetGroupArn: frontEndTargetGroup.Arn,
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.TargetGroup;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var frontEndLoadBalancer = new LoadBalancer("frontEndLoadBalancer");
var frontEndTargetGroup = new TargetGroup("frontEndTargetGroup");
var frontEndListener = new Listener("frontEndListener", ListenerArgs.builder()
.loadBalancerArn(frontEndLoadBalancer.arn())
.port("443")
.protocol("HTTPS")
.sslPolicy("ELBSecurityPolicy-2016-08")
.certificateArn("arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4")
.defaultActions(ListenerDefaultActionArgs.builder()
.type("forward")
.targetGroupArn(frontEndTargetGroup.arn())
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
# ...
front_end_target_group = aws.lb.TargetGroup("frontEndTargetGroup")
# ...
front_end_listener = aws.lb.Listener("frontEndListener",
load_balancer_arn=front_end_load_balancer.arn,
port=443,
protocol="HTTPS",
ssl_policy="ELBSecurityPolicy-2016-08",
certificate_arn="arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
default_actions=[aws.lb.ListenerDefaultActionArgs(
type="forward",
target_group_arn=front_end_target_group.arn,
)])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const frontEndLoadBalancer = new aws.lb.LoadBalancer("frontEndLoadBalancer", {});
// ...
const frontEndTargetGroup = new aws.lb.TargetGroup("frontEndTargetGroup", {});
// ...
const frontEndListener = new aws.lb.Listener("frontEndListener", {
loadBalancerArn: frontEndLoadBalancer.arn,
port: 443,
protocol: "HTTPS",
sslPolicy: "ELBSecurityPolicy-2016-08",
certificateArn: "arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
defaultActions: [{
type: "forward",
targetGroupArn: frontEndTargetGroup.arn,
}],
});
resources:
frontEndLoadBalancer:
type: aws:lb:LoadBalancer
frontEndTargetGroup:
type: aws:lb:TargetGroup
frontEndListener:
type: aws:lb:Listener
properties:
loadBalancerArn: ${frontEndLoadBalancer.arn}
port: '443'
protocol: HTTPS
sslPolicy: ELBSecurityPolicy-2016-08
certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4
defaultActions:
- type: forward
targetGroupArn: ${frontEndTargetGroup.arn}
To a NLB
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var frontEnd = new Aws.LB.Listener("frontEnd", new()
{
LoadBalancerArn = aws_lb.Front_end.Arn,
Port = 443,
Protocol = "TLS",
CertificateArn = "arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
AlpnPolicy = "HTTP2Preferred",
DefaultActions = new[]
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
Type = "forward",
TargetGroupArn = aws_lb_target_group.Front_end.Arn,
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := lb.NewListener(ctx, "frontEnd", &lb.ListenerArgs{
LoadBalancerArn: pulumi.Any(aws_lb.Front_end.Arn),
Port: pulumi.Int(443),
Protocol: pulumi.String("TLS"),
CertificateArn: pulumi.String("arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4"),
AlpnPolicy: pulumi.String("HTTP2Preferred"),
DefaultActions: lb.ListenerDefaultActionArray{
&lb.ListenerDefaultActionArgs{
Type: pulumi.String("forward"),
TargetGroupArn: pulumi.Any(aws_lb_target_group.Front_end.Arn),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var frontEnd = new Listener("frontEnd", ListenerArgs.builder()
.loadBalancerArn(aws_lb.front_end().arn())
.port("443")
.protocol("TLS")
.certificateArn("arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4")
.alpnPolicy("HTTP2Preferred")
.defaultActions(ListenerDefaultActionArgs.builder()
.type("forward")
.targetGroupArn(aws_lb_target_group.front_end().arn())
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
front_end = aws.lb.Listener("frontEnd",
load_balancer_arn=aws_lb["front_end"]["arn"],
port=443,
protocol="TLS",
certificate_arn="arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
alpn_policy="HTTP2Preferred",
default_actions=[aws.lb.ListenerDefaultActionArgs(
type="forward",
target_group_arn=aws_lb_target_group["front_end"]["arn"],
)])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const frontEnd = new aws.lb.Listener("frontEnd", {
loadBalancerArn: aws_lb.front_end.arn,
port: 443,
protocol: "TLS",
certificateArn: "arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
alpnPolicy: "HTTP2Preferred",
defaultActions: [{
type: "forward",
targetGroupArn: aws_lb_target_group.front_end.arn,
}],
});
resources:
frontEnd:
type: aws:lb:Listener
properties:
loadBalancerArn: ${aws_lb.front_end.arn}
port: '443'
protocol: TLS
certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4
alpnPolicy: HTTP2Preferred
defaultActions:
- type: forward
targetGroupArn: ${aws_lb_target_group.front_end.arn}
Redirect Action
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer");
// ...
var frontEndListener = new Aws.LB.Listener("frontEndListener", new()
{
LoadBalancerArn = frontEndLoadBalancer.Arn,
Port = 80,
Protocol = "HTTP",
DefaultActions = new[]
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
Type = "redirect",
Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs
{
Port = "443",
Protocol = "HTTPS",
StatusCode = "HTTP_301",
},
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
frontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, "frontEndLoadBalancer", nil)
if err != nil {
return err
}
_, err = lb.NewListener(ctx, "frontEndListener", &lb.ListenerArgs{
LoadBalancerArn: frontEndLoadBalancer.Arn,
Port: pulumi.Int(80),
Protocol: pulumi.String("HTTP"),
DefaultActions: lb.ListenerDefaultActionArray{
&lb.ListenerDefaultActionArgs{
Type: pulumi.String("redirect"),
Redirect: &lb.ListenerDefaultActionRedirectArgs{
Port: pulumi.String("443"),
Protocol: pulumi.String("HTTPS"),
StatusCode: pulumi.String("HTTP_301"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionRedirectArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var frontEndLoadBalancer = new LoadBalancer("frontEndLoadBalancer");
var frontEndListener = new Listener("frontEndListener", ListenerArgs.builder()
.loadBalancerArn(frontEndLoadBalancer.arn())
.port("80")
.protocol("HTTP")
.defaultActions(ListenerDefaultActionArgs.builder()
.type("redirect")
.redirect(ListenerDefaultActionRedirectArgs.builder()
.port("443")
.protocol("HTTPS")
.statusCode("HTTP_301")
.build())
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
# ...
front_end_listener = aws.lb.Listener("frontEndListener",
load_balancer_arn=front_end_load_balancer.arn,
port=80,
protocol="HTTP",
default_actions=[aws.lb.ListenerDefaultActionArgs(
type="redirect",
redirect=aws.lb.ListenerDefaultActionRedirectArgs(
port="443",
protocol="HTTPS",
status_code="HTTP_301",
),
)])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const frontEndLoadBalancer = new aws.lb.LoadBalancer("frontEndLoadBalancer", {});
// ...
const frontEndListener = new aws.lb.Listener("frontEndListener", {
loadBalancerArn: frontEndLoadBalancer.arn,
port: 80,
protocol: "HTTP",
defaultActions: [{
type: "redirect",
redirect: {
port: "443",
protocol: "HTTPS",
statusCode: "HTTP_301",
},
}],
});
resources:
frontEndLoadBalancer:
type: aws:lb:LoadBalancer
frontEndListener:
type: aws:lb:Listener
properties:
loadBalancerArn: ${frontEndLoadBalancer.arn}
port: '80'
protocol: HTTP
defaultActions:
- type: redirect
redirect:
port: '443'
protocol: HTTPS
statusCode: HTTP_301
Fixed-response Action
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer");
// ...
var frontEndListener = new Aws.LB.Listener("frontEndListener", new()
{
LoadBalancerArn = frontEndLoadBalancer.Arn,
Port = 80,
Protocol = "HTTP",
DefaultActions = new[]
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
Type = "fixed-response",
FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs
{
ContentType = "text/plain",
MessageBody = "Fixed response content",
StatusCode = "200",
},
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
frontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, "frontEndLoadBalancer", nil)
if err != nil {
return err
}
_, err = lb.NewListener(ctx, "frontEndListener", &lb.ListenerArgs{
LoadBalancerArn: frontEndLoadBalancer.Arn,
Port: pulumi.Int(80),
Protocol: pulumi.String("HTTP"),
DefaultActions: lb.ListenerDefaultActionArray{
&lb.ListenerDefaultActionArgs{
Type: pulumi.String("fixed-response"),
FixedResponse: &lb.ListenerDefaultActionFixedResponseArgs{
ContentType: pulumi.String("text/plain"),
MessageBody: pulumi.String("Fixed response content"),
StatusCode: pulumi.String("200"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionFixedResponseArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var frontEndLoadBalancer = new LoadBalancer("frontEndLoadBalancer");
var frontEndListener = new Listener("frontEndListener", ListenerArgs.builder()
.loadBalancerArn(frontEndLoadBalancer.arn())
.port("80")
.protocol("HTTP")
.defaultActions(ListenerDefaultActionArgs.builder()
.type("fixed-response")
.fixedResponse(ListenerDefaultActionFixedResponseArgs.builder()
.contentType("text/plain")
.messageBody("Fixed response content")
.statusCode("200")
.build())
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
# ...
front_end_listener = aws.lb.Listener("frontEndListener",
load_balancer_arn=front_end_load_balancer.arn,
port=80,
protocol="HTTP",
default_actions=[aws.lb.ListenerDefaultActionArgs(
type="fixed-response",
fixed_response=aws.lb.ListenerDefaultActionFixedResponseArgs(
content_type="text/plain",
message_body="Fixed response content",
status_code="200",
),
)])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const frontEndLoadBalancer = new aws.lb.LoadBalancer("frontEndLoadBalancer", {});
// ...
const frontEndListener = new aws.lb.Listener("frontEndListener", {
loadBalancerArn: frontEndLoadBalancer.arn,
port: 80,
protocol: "HTTP",
defaultActions: [{
type: "fixed-response",
fixedResponse: {
contentType: "text/plain",
messageBody: "Fixed response content",
statusCode: "200",
},
}],
});
resources:
frontEndLoadBalancer:
type: aws:lb:LoadBalancer
frontEndListener:
type: aws:lb:Listener
properties:
loadBalancerArn: ${frontEndLoadBalancer.arn}
port: '80'
protocol: HTTP
defaultActions:
- type: fixed-response
fixedResponse:
contentType: text/plain
messageBody: Fixed response content
statusCode: '200'
Authenticate-cognito Action
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer");
// ...
var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup");
// ...
var pool = new Aws.Cognito.UserPool("pool");
// ...
var client = new Aws.Cognito.UserPoolClient("client");
// ...
var domain = new Aws.Cognito.UserPoolDomain("domain");
// ...
var frontEndListener = new Aws.LB.Listener("frontEndListener", new()
{
LoadBalancerArn = frontEndLoadBalancer.Arn,
Port = 80,
Protocol = "HTTP",
DefaultActions = new[]
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
Type = "authenticate-cognito",
AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs
{
UserPoolArn = pool.Arn,
UserPoolClientId = client.Id,
UserPoolDomain = domain.Domain,
},
},
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
Type = "forward",
TargetGroupArn = frontEndTargetGroup.Arn,
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cognito"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
frontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, "frontEndLoadBalancer", nil)
if err != nil {
return err
}
frontEndTargetGroup, err := lb.NewTargetGroup(ctx, "frontEndTargetGroup", nil)
if err != nil {
return err
}
pool, err := cognito.NewUserPool(ctx, "pool", nil)
if err != nil {
return err
}
client, err := cognito.NewUserPoolClient(ctx, "client", nil)
if err != nil {
return err
}
domain, err := cognito.NewUserPoolDomain(ctx, "domain", nil)
if err != nil {
return err
}
_, err = lb.NewListener(ctx, "frontEndListener", &lb.ListenerArgs{
LoadBalancerArn: frontEndLoadBalancer.Arn,
Port: pulumi.Int(80),
Protocol: pulumi.String("HTTP"),
DefaultActions: lb.ListenerDefaultActionArray{
&lb.ListenerDefaultActionArgs{
Type: pulumi.String("authenticate-cognito"),
AuthenticateCognito: &lb.ListenerDefaultActionAuthenticateCognitoArgs{
UserPoolArn: pool.Arn,
UserPoolClientId: client.ID(),
UserPoolDomain: domain.Domain,
},
},
&lb.ListenerDefaultActionArgs{
Type: pulumi.String("forward"),
TargetGroupArn: frontEndTargetGroup.Arn,
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.TargetGroup;
import com.pulumi.aws.cognito.UserPool;
import com.pulumi.aws.cognito.UserPoolClient;
import com.pulumi.aws.cognito.UserPoolDomain;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateCognitoArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var frontEndLoadBalancer = new LoadBalancer("frontEndLoadBalancer");
var frontEndTargetGroup = new TargetGroup("frontEndTargetGroup");
var pool = new UserPool("pool");
var client = new UserPoolClient("client");
var domain = new UserPoolDomain("domain");
var frontEndListener = new Listener("frontEndListener", ListenerArgs.builder()
.loadBalancerArn(frontEndLoadBalancer.arn())
.port("80")
.protocol("HTTP")
.defaultActions(
ListenerDefaultActionArgs.builder()
.type("authenticate-cognito")
.authenticateCognito(ListenerDefaultActionAuthenticateCognitoArgs.builder()
.userPoolArn(pool.arn())
.userPoolClientId(client.id())
.userPoolDomain(domain.domain())
.build())
.build(),
ListenerDefaultActionArgs.builder()
.type("forward")
.targetGroupArn(frontEndTargetGroup.arn())
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
# ...
front_end_target_group = aws.lb.TargetGroup("frontEndTargetGroup")
# ...
pool = aws.cognito.UserPool("pool")
# ...
client = aws.cognito.UserPoolClient("client")
# ...
domain = aws.cognito.UserPoolDomain("domain")
# ...
front_end_listener = aws.lb.Listener("frontEndListener",
load_balancer_arn=front_end_load_balancer.arn,
port=80,
protocol="HTTP",
default_actions=[
aws.lb.ListenerDefaultActionArgs(
type="authenticate-cognito",
authenticate_cognito=aws.lb.ListenerDefaultActionAuthenticateCognitoArgs(
user_pool_arn=pool.arn,
user_pool_client_id=client.id,
user_pool_domain=domain.domain,
),
),
aws.lb.ListenerDefaultActionArgs(
type="forward",
target_group_arn=front_end_target_group.arn,
),
])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const frontEndLoadBalancer = new aws.lb.LoadBalancer("frontEndLoadBalancer", {});
// ...
const frontEndTargetGroup = new aws.lb.TargetGroup("frontEndTargetGroup", {});
// ...
const pool = new aws.cognito.UserPool("pool", {});
// ...
const client = new aws.cognito.UserPoolClient("client", {});
// ...
const domain = new aws.cognito.UserPoolDomain("domain", {});
// ...
const frontEndListener = new aws.lb.Listener("frontEndListener", {
loadBalancerArn: frontEndLoadBalancer.arn,
port: 80,
protocol: "HTTP",
defaultActions: [
{
type: "authenticate-cognito",
authenticateCognito: {
userPoolArn: pool.arn,
userPoolClientId: client.id,
userPoolDomain: domain.domain,
},
},
{
type: "forward",
targetGroupArn: frontEndTargetGroup.arn,
},
],
});
resources:
frontEndLoadBalancer:
type: aws:lb:LoadBalancer
frontEndTargetGroup:
type: aws:lb:TargetGroup
pool:
type: aws:cognito:UserPool
client:
type: aws:cognito:UserPoolClient
domain:
type: aws:cognito:UserPoolDomain
frontEndListener:
type: aws:lb:Listener
properties:
loadBalancerArn: ${frontEndLoadBalancer.arn}
port: '80'
protocol: HTTP
defaultActions:
- type: authenticate-cognito
authenticateCognito:
userPoolArn: ${pool.arn}
userPoolClientId: ${client.id}
userPoolDomain: ${domain.domain}
- type: forward
targetGroupArn: ${frontEndTargetGroup.arn}
Authenticate-OIDC Action
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer");
// ...
var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup");
// ...
var frontEndListener = new Aws.LB.Listener("frontEndListener", new()
{
LoadBalancerArn = frontEndLoadBalancer.Arn,
Port = 80,
Protocol = "HTTP",
DefaultActions = new[]
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
Type = "authenticate-oidc",
AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs
{
AuthorizationEndpoint = "https://example.com/authorization_endpoint",
ClientId = "client_id",
ClientSecret = "client_secret",
Issuer = "https://example.com",
TokenEndpoint = "https://example.com/token_endpoint",
UserInfoEndpoint = "https://example.com/user_info_endpoint",
},
},
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
Type = "forward",
TargetGroupArn = frontEndTargetGroup.Arn,
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
frontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, "frontEndLoadBalancer", nil)
if err != nil {
return err
}
frontEndTargetGroup, err := lb.NewTargetGroup(ctx, "frontEndTargetGroup", nil)
if err != nil {
return err
}
_, err = lb.NewListener(ctx, "frontEndListener", &lb.ListenerArgs{
LoadBalancerArn: frontEndLoadBalancer.Arn,
Port: pulumi.Int(80),
Protocol: pulumi.String("HTTP"),
DefaultActions: lb.ListenerDefaultActionArray{
&lb.ListenerDefaultActionArgs{
Type: pulumi.String("authenticate-oidc"),
AuthenticateOidc: &lb.ListenerDefaultActionAuthenticateOidcArgs{
AuthorizationEndpoint: pulumi.String("https://example.com/authorization_endpoint"),
ClientId: pulumi.String("client_id"),
ClientSecret: pulumi.String("client_secret"),
Issuer: pulumi.String("https://example.com"),
TokenEndpoint: pulumi.String("https://example.com/token_endpoint"),
UserInfoEndpoint: pulumi.String("https://example.com/user_info_endpoint"),
},
},
&lb.ListenerDefaultActionArgs{
Type: pulumi.String("forward"),
TargetGroupArn: frontEndTargetGroup.Arn,
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.TargetGroup;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateOidcArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var frontEndLoadBalancer = new LoadBalancer("frontEndLoadBalancer");
var frontEndTargetGroup = new TargetGroup("frontEndTargetGroup");
var frontEndListener = new Listener("frontEndListener", ListenerArgs.builder()
.loadBalancerArn(frontEndLoadBalancer.arn())
.port("80")
.protocol("HTTP")
.defaultActions(
ListenerDefaultActionArgs.builder()
.type("authenticate-oidc")
.authenticateOidc(ListenerDefaultActionAuthenticateOidcArgs.builder()
.authorizationEndpoint("https://example.com/authorization_endpoint")
.clientId("client_id")
.clientSecret("client_secret")
.issuer("https://example.com")
.tokenEndpoint("https://example.com/token_endpoint")
.userInfoEndpoint("https://example.com/user_info_endpoint")
.build())
.build(),
ListenerDefaultActionArgs.builder()
.type("forward")
.targetGroupArn(frontEndTargetGroup.arn())
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
# ...
front_end_target_group = aws.lb.TargetGroup("frontEndTargetGroup")
# ...
front_end_listener = aws.lb.Listener("frontEndListener",
load_balancer_arn=front_end_load_balancer.arn,
port=80,
protocol="HTTP",
default_actions=[
aws.lb.ListenerDefaultActionArgs(
type="authenticate-oidc",
authenticate_oidc=aws.lb.ListenerDefaultActionAuthenticateOidcArgs(
authorization_endpoint="https://example.com/authorization_endpoint",
client_id="client_id",
client_secret="client_secret",
issuer="https://example.com",
token_endpoint="https://example.com/token_endpoint",
user_info_endpoint="https://example.com/user_info_endpoint",
),
),
aws.lb.ListenerDefaultActionArgs(
type="forward",
target_group_arn=front_end_target_group.arn,
),
])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const frontEndLoadBalancer = new aws.lb.LoadBalancer("frontEndLoadBalancer", {});
// ...
const frontEndTargetGroup = new aws.lb.TargetGroup("frontEndTargetGroup", {});
// ...
const frontEndListener = new aws.lb.Listener("frontEndListener", {
loadBalancerArn: frontEndLoadBalancer.arn,
port: 80,
protocol: "HTTP",
defaultActions: [
{
type: "authenticate-oidc",
authenticateOidc: {
authorizationEndpoint: "https://example.com/authorization_endpoint",
clientId: "client_id",
clientSecret: "client_secret",
issuer: "https://example.com",
tokenEndpoint: "https://example.com/token_endpoint",
userInfoEndpoint: "https://example.com/user_info_endpoint",
},
},
{
type: "forward",
targetGroupArn: frontEndTargetGroup.arn,
},
],
});
resources:
frontEndLoadBalancer:
type: aws:lb:LoadBalancer
frontEndTargetGroup:
type: aws:lb:TargetGroup
frontEndListener:
type: aws:lb:Listener
properties:
loadBalancerArn: ${frontEndLoadBalancer.arn}
port: '80'
protocol: HTTP
defaultActions:
- type: authenticate-oidc
authenticateOidc:
authorizationEndpoint: https://example.com/authorization_endpoint
clientId: client_id
clientSecret: client_secret
issuer: https://example.com
tokenEndpoint: https://example.com/token_endpoint
userInfoEndpoint: https://example.com/user_info_endpoint
- type: forward
targetGroupArn: ${frontEndTargetGroup.arn}
Gateway Load Balancer Listener
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var exampleLoadBalancer = new Aws.LB.LoadBalancer("exampleLoadBalancer", new()
{
LoadBalancerType = "gateway",
SubnetMappings = new[]
{
new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs
{
SubnetId = aws_subnet.Example.Id,
},
},
});
var exampleTargetGroup = new Aws.LB.TargetGroup("exampleTargetGroup", new()
{
Port = 6081,
Protocol = "GENEVE",
VpcId = aws_vpc.Example.Id,
HealthCheck = new Aws.LB.Inputs.TargetGroupHealthCheckArgs
{
Port = "80",
Protocol = "HTTP",
},
});
var exampleListener = new Aws.LB.Listener("exampleListener", new()
{
LoadBalancerArn = exampleLoadBalancer.Id,
DefaultActions = new[]
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
TargetGroupArn = exampleTargetGroup.Id,
Type = "forward",
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleLoadBalancer, err := lb.NewLoadBalancer(ctx, "exampleLoadBalancer", &lb.LoadBalancerArgs{
LoadBalancerType: pulumi.String("gateway"),
SubnetMappings: lb.LoadBalancerSubnetMappingArray{
&lb.LoadBalancerSubnetMappingArgs{
SubnetId: pulumi.Any(aws_subnet.Example.Id),
},
},
})
if err != nil {
return err
}
exampleTargetGroup, err := lb.NewTargetGroup(ctx, "exampleTargetGroup", &lb.TargetGroupArgs{
Port: pulumi.Int(6081),
Protocol: pulumi.String("GENEVE"),
VpcId: pulumi.Any(aws_vpc.Example.Id),
HealthCheck: &lb.TargetGroupHealthCheckArgs{
Port: pulumi.String("80"),
Protocol: pulumi.String("HTTP"),
},
})
if err != nil {
return err
}
_, err = lb.NewListener(ctx, "exampleListener", &lb.ListenerArgs{
LoadBalancerArn: exampleLoadBalancer.ID(),
DefaultActions: lb.ListenerDefaultActionArray{
&lb.ListenerDefaultActionArgs{
TargetGroupArn: exampleTargetGroup.ID(),
Type: pulumi.String("forward"),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.LoadBalancerArgs;
import com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;
import com.pulumi.aws.lb.TargetGroup;
import com.pulumi.aws.lb.TargetGroupArgs;
import com.pulumi.aws.lb.inputs.TargetGroupHealthCheckArgs;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleLoadBalancer = new LoadBalancer("exampleLoadBalancer", LoadBalancerArgs.builder()
.loadBalancerType("gateway")
.subnetMappings(LoadBalancerSubnetMappingArgs.builder()
.subnetId(aws_subnet.example().id())
.build())
.build());
var exampleTargetGroup = new TargetGroup("exampleTargetGroup", TargetGroupArgs.builder()
.port(6081)
.protocol("GENEVE")
.vpcId(aws_vpc.example().id())
.healthCheck(TargetGroupHealthCheckArgs.builder()
.port(80)
.protocol("HTTP")
.build())
.build());
var exampleListener = new Listener("exampleListener", ListenerArgs.builder()
.loadBalancerArn(exampleLoadBalancer.id())
.defaultActions(ListenerDefaultActionArgs.builder()
.targetGroupArn(exampleTargetGroup.id())
.type("forward")
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
example_load_balancer = aws.lb.LoadBalancer("exampleLoadBalancer",
load_balancer_type="gateway",
subnet_mappings=[aws.lb.LoadBalancerSubnetMappingArgs(
subnet_id=aws_subnet["example"]["id"],
)])
example_target_group = aws.lb.TargetGroup("exampleTargetGroup",
port=6081,
protocol="GENEVE",
vpc_id=aws_vpc["example"]["id"],
health_check=aws.lb.TargetGroupHealthCheckArgs(
port="80",
protocol="HTTP",
))
example_listener = aws.lb.Listener("exampleListener",
load_balancer_arn=example_load_balancer.id,
default_actions=[aws.lb.ListenerDefaultActionArgs(
target_group_arn=example_target_group.id,
type="forward",
)])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleLoadBalancer = new aws.lb.LoadBalancer("exampleLoadBalancer", {
loadBalancerType: "gateway",
subnetMappings: [{
subnetId: aws_subnet.example.id,
}],
});
const exampleTargetGroup = new aws.lb.TargetGroup("exampleTargetGroup", {
port: 6081,
protocol: "GENEVE",
vpcId: aws_vpc.example.id,
healthCheck: {
port: "80",
protocol: "HTTP",
},
});
const exampleListener = new aws.lb.Listener("exampleListener", {
loadBalancerArn: exampleLoadBalancer.id,
defaultActions: [{
targetGroupArn: exampleTargetGroup.id,
type: "forward",
}],
});
resources:
exampleLoadBalancer:
type: aws:lb:LoadBalancer
properties:
loadBalancerType: gateway
subnetMappings:
- subnetId: ${aws_subnet.example.id}
exampleTargetGroup:
type: aws:lb:TargetGroup
properties:
port: 6081
protocol: GENEVE
vpcId: ${aws_vpc.example.id}
healthCheck:
port: 80
protocol: HTTP
exampleListener:
type: aws:lb:Listener
properties:
loadBalancerArn: ${exampleLoadBalancer.id}
defaultActions:
- targetGroupArn: ${exampleTargetGroup.id}
type: forward
Create Listener Resource
new Listener(name: string, args: ListenerArgs, opts?: CustomResourceOptions);@overload
def Listener(resource_name: str,
opts: Optional[ResourceOptions] = None,
alpn_policy: Optional[str] = None,
certificate_arn: Optional[str] = None,
default_actions: Optional[Sequence[ListenerDefaultActionArgs]] = None,
load_balancer_arn: Optional[str] = None,
port: Optional[int] = None,
protocol: Optional[str] = None,
ssl_policy: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None)
@overload
def Listener(resource_name: str,
args: ListenerArgs,
opts: Optional[ResourceOptions] = None)func NewListener(ctx *Context, name string, args ListenerArgs, opts ...ResourceOption) (*Listener, error)public Listener(string name, ListenerArgs args, CustomResourceOptions? opts = null)
public Listener(String name, ListenerArgs args)
public Listener(String name, ListenerArgs args, CustomResourceOptions options)
type: aws:applicationloadbalancing:Listener
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ListenerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ListenerArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ListenerArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ListenerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ListenerArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Listener Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Listener resource accepts the following input properties:
- Default
Actions List<ListenerDefault Action Args> Configuration block for default actions. Detailed below.
- Load
Balancer stringArn ARN of the load balancer.
- Alpn
Policy string Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if
protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.- Certificate
Arn string ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the
aws.lb.ListenerCertificateresource.- Port int
Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- Protocol string
Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are
HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.- Ssl
Policy string Name of the SSL Policy for the listener. Required if
protocolisHTTPSorTLS.- Dictionary<string, string>
A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- Default
Actions []ListenerDefault Action Args Configuration block for default actions. Detailed below.
- Load
Balancer stringArn ARN of the load balancer.
- Alpn
Policy string Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if
protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.- Certificate
Arn string ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the
aws.lb.ListenerCertificateresource.- Port int
Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- Protocol string
Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are
HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.- Ssl
Policy string Name of the SSL Policy for the listener. Required if
protocolisHTTPSorTLS.- map[string]string
A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- default
Actions List<ListenerDefault Action Args> Configuration block for default actions. Detailed below.
- load
Balancer StringArn ARN of the load balancer.
- alpn
Policy String Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if
protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.- certificate
Arn String ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the
aws.lb.ListenerCertificateresource.- port Integer
Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- protocol String
Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are
HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.- ssl
Policy String Name of the SSL Policy for the listener. Required if
protocolisHTTPSorTLS.- Map<String,String>
A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- default
Actions ListenerDefault Action Args[] Configuration block for default actions. Detailed below.
- load
Balancer stringArn ARN of the load balancer.
- alpn
Policy string Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if
protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.- certificate
Arn string ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the
aws.lb.ListenerCertificateresource.- port number
Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- protocol string
Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are
HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.- ssl
Policy string Name of the SSL Policy for the listener. Required if
protocolisHTTPSorTLS.- {[key: string]: string}
A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- default_
actions Sequence[ListenerDefault Action Args] Configuration block for default actions. Detailed below.
- load_
balancer_ strarn ARN of the load balancer.
- alpn_
policy str Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if
protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.- certificate_
arn str ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the
aws.lb.ListenerCertificateresource.- port int
Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- protocol str
Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are
HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.- ssl_
policy str Name of the SSL Policy for the listener. Required if
protocolisHTTPSorTLS.- Mapping[str, str]
A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- default
Actions List<Property Map> Configuration block for default actions. Detailed below.
- load
Balancer StringArn ARN of the load balancer.
- alpn
Policy String Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if
protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.- certificate
Arn String ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the
aws.lb.ListenerCertificateresource.- port Number
Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- protocol String
Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are
HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.- ssl
Policy String Name of the SSL Policy for the listener. Required if
protocolisHTTPSorTLS.- Map<String>
A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
Outputs
All input properties are implicitly available as output properties. Additionally, the Listener resource produces the following output properties:
Look up Existing Listener Resource
Get an existing Listener resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ListenerState, opts?: CustomResourceOptions): Listener@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
alpn_policy: Optional[str] = None,
arn: Optional[str] = None,
certificate_arn: Optional[str] = None,
default_actions: Optional[Sequence[ListenerDefaultActionArgs]] = None,
load_balancer_arn: Optional[str] = None,
port: Optional[int] = None,
protocol: Optional[str] = None,
ssl_policy: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None) -> Listenerfunc GetListener(ctx *Context, name string, id IDInput, state *ListenerState, opts ...ResourceOption) (*Listener, error)public static Listener Get(string name, Input<string> id, ListenerState? state, CustomResourceOptions? opts = null)public static Listener get(String name, Output<String> id, ListenerState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Alpn
Policy string Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if
protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.- Arn string
ARN of the target group.
- Certificate
Arn string ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the
aws.lb.ListenerCertificateresource.- Default
Actions List<ListenerDefault Action Args> Configuration block for default actions. Detailed below.
- Load
Balancer stringArn ARN of the load balancer.
- Port int
Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- Protocol string
Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are
HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.- Ssl
Policy string Name of the SSL Policy for the listener. Required if
protocolisHTTPSorTLS.- Dictionary<string, string>
A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Dictionary<string, string>
A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- Alpn
Policy string Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if
protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.- Arn string
ARN of the target group.
- Certificate
Arn string ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the
aws.lb.ListenerCertificateresource.- Default
Actions []ListenerDefault Action Args Configuration block for default actions. Detailed below.
- Load
Balancer stringArn ARN of the load balancer.
- Port int
Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- Protocol string
Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are
HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.- Ssl
Policy string Name of the SSL Policy for the listener. Required if
protocolisHTTPSorTLS.- map[string]string
A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- map[string]string
A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- alpn
Policy String Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if
protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.- arn String
ARN of the target group.
- certificate
Arn String ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the
aws.lb.ListenerCertificateresource.- default
Actions List<ListenerDefault Action Args> Configuration block for default actions. Detailed below.
- load
Balancer StringArn ARN of the load balancer.
- port Integer
Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- protocol String
Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are
HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.- ssl
Policy String Name of the SSL Policy for the listener. Required if
protocolisHTTPSorTLS.- Map<String,String>
A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Map<String,String>
A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- alpn
Policy string Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if
protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.- arn string
ARN of the target group.
- certificate
Arn string ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the
aws.lb.ListenerCertificateresource.- default
Actions ListenerDefault Action Args[] Configuration block for default actions. Detailed below.
- load
Balancer stringArn ARN of the load balancer.
- port number
Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- protocol string
Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are
HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.- ssl
Policy string Name of the SSL Policy for the listener. Required if
protocolisHTTPSorTLS.- {[key: string]: string}
A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- {[key: string]: string}
A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- alpn_
policy str Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if
protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.- arn str
ARN of the target group.
- certificate_
arn str ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the
aws.lb.ListenerCertificateresource.- default_
actions Sequence[ListenerDefault Action Args] Configuration block for default actions. Detailed below.
- load_
balancer_ strarn ARN of the load balancer.
- port int
Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- protocol str
Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are
HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.- ssl_
policy str Name of the SSL Policy for the listener. Required if
protocolisHTTPSorTLS.- Mapping[str, str]
A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Mapping[str, str]
A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- alpn
Policy String Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if
protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.- arn String
ARN of the target group.
- certificate
Arn String ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the
aws.lb.ListenerCertificateresource.- default
Actions List<Property Map> Configuration block for default actions. Detailed below.
- load
Balancer StringArn ARN of the load balancer.
- port Number
Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- protocol String
Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are
HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.- ssl
Policy String Name of the SSL Policy for the listener. Required if
protocolisHTTPSorTLS.- Map<String>
A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Map<String>
A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
Supporting Types
ListenerDefaultAction
- Type string
Type of routing action. Valid values are
forward,redirect,fixed-response,authenticate-cognitoandauthenticate-oidc.- Authenticate
Cognito ListenerDefault Action Authenticate Cognito Configuration block for using Amazon Cognito to authenticate users. Specify only when
typeisauthenticate-cognito. Detailed below.- Authenticate
Oidc ListenerDefault Action Authenticate Oidc Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when
typeisauthenticate-oidc. Detailed below.- Fixed
Response ListenerDefault Action Fixed Response Information for creating an action that returns a custom HTTP response. Required if
typeisfixed-response.- Forward
Listener
Default Action Forward Configuration block for creating an action that distributes requests among one or more target groups. Specify only if
typeisforward. If you specify bothforwardblock andtarget_group_arnattribute, you can specify only one target group usingforwardand it must be the same target group specified intarget_group_arn. Detailed below.- Order int
Order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. Valid values are between
1and50000.- Redirect
Listener
Default Action Redirect Configuration block for creating a redirect action. Required if
typeisredirect. Detailed below.- Target
Group stringArn ARN of the Target Group to which to route traffic. Specify only if
typeisforwardand you want to route to a single target group. To route to one or more target groups, use aforwardblock instead.
- Type string
Type of routing action. Valid values are
forward,redirect,fixed-response,authenticate-cognitoandauthenticate-oidc.- Authenticate
Cognito ListenerDefault Action Authenticate Cognito Configuration block for using Amazon Cognito to authenticate users. Specify only when
typeisauthenticate-cognito. Detailed below.- Authenticate
Oidc ListenerDefault Action Authenticate Oidc Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when
typeisauthenticate-oidc. Detailed below.- Fixed
Response ListenerDefault Action Fixed Response Information for creating an action that returns a custom HTTP response. Required if
typeisfixed-response.- Forward
Listener
Default Action Forward Configuration block for creating an action that distributes requests among one or more target groups. Specify only if
typeisforward. If you specify bothforwardblock andtarget_group_arnattribute, you can specify only one target group usingforwardand it must be the same target group specified intarget_group_arn. Detailed below.- Order int
Order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. Valid values are between
1and50000.- Redirect
Listener
Default Action Redirect Configuration block for creating a redirect action. Required if
typeisredirect. Detailed below.- Target
Group stringArn ARN of the Target Group to which to route traffic. Specify only if
typeisforwardand you want to route to a single target group. To route to one or more target groups, use aforwardblock instead.
- type String
Type of routing action. Valid values are
forward,redirect,fixed-response,authenticate-cognitoandauthenticate-oidc.- authenticate
Cognito ListenerDefault Action Authenticate Cognito Configuration block for using Amazon Cognito to authenticate users. Specify only when
typeisauthenticate-cognito. Detailed below.- authenticate
Oidc ListenerDefault Action Authenticate Oidc Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when
typeisauthenticate-oidc. Detailed below.- fixed
Response ListenerDefault Action Fixed Response Information for creating an action that returns a custom HTTP response. Required if
typeisfixed-response.- forward
Listener
Default Action Forward Configuration block for creating an action that distributes requests among one or more target groups. Specify only if
typeisforward. If you specify bothforwardblock andtarget_group_arnattribute, you can specify only one target group usingforwardand it must be the same target group specified intarget_group_arn. Detailed below.- order Integer
Order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. Valid values are between
1and50000.- redirect
Listener
Default Action Redirect Configuration block for creating a redirect action. Required if
typeisredirect. Detailed below.- target
Group StringArn ARN of the Target Group to which to route traffic. Specify only if
typeisforwardand you want to route to a single target group. To route to one or more target groups, use aforwardblock instead.
- type string
Type of routing action. Valid values are
forward,redirect,fixed-response,authenticate-cognitoandauthenticate-oidc.- authenticate
Cognito ListenerDefault Action Authenticate Cognito Configuration block for using Amazon Cognito to authenticate users. Specify only when
typeisauthenticate-cognito. Detailed below.- authenticate
Oidc ListenerDefault Action Authenticate Oidc Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when
typeisauthenticate-oidc. Detailed below.- fixed
Response ListenerDefault Action Fixed Response Information for creating an action that returns a custom HTTP response. Required if
typeisfixed-response.- forward
Listener
Default Action Forward Configuration block for creating an action that distributes requests among one or more target groups. Specify only if
typeisforward. If you specify bothforwardblock andtarget_group_arnattribute, you can specify only one target group usingforwardand it must be the same target group specified intarget_group_arn. Detailed below.- order number
Order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. Valid values are between
1and50000.- redirect
Listener
Default Action Redirect Configuration block for creating a redirect action. Required if
typeisredirect. Detailed below.- target
Group stringArn ARN of the Target Group to which to route traffic. Specify only if
typeisforwardand you want to route to a single target group. To route to one or more target groups, use aforwardblock instead.
- type str
Type of routing action. Valid values are
forward,redirect,fixed-response,authenticate-cognitoandauthenticate-oidc.- authenticate_
cognito ListenerDefault Action Authenticate Cognito Configuration block for using Amazon Cognito to authenticate users. Specify only when
typeisauthenticate-cognito. Detailed below.- authenticate_
oidc ListenerDefault Action Authenticate Oidc Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when
typeisauthenticate-oidc. Detailed below.- fixed_
response ListenerDefault Action Fixed Response Information for creating an action that returns a custom HTTP response. Required if
typeisfixed-response.- forward
Listener
Default Action Forward Configuration block for creating an action that distributes requests among one or more target groups. Specify only if
typeisforward. If you specify bothforwardblock andtarget_group_arnattribute, you can specify only one target group usingforwardand it must be the same target group specified intarget_group_arn. Detailed below.- order int
Order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. Valid values are between
1and50000.- redirect
Listener
Default Action Redirect Configuration block for creating a redirect action. Required if
typeisredirect. Detailed below.- target_
group_ strarn ARN of the Target Group to which to route traffic. Specify only if
typeisforwardand you want to route to a single target group. To route to one or more target groups, use aforwardblock instead.
- type String
Type of routing action. Valid values are
forward,redirect,fixed-response,authenticate-cognitoandauthenticate-oidc.- authenticate
Cognito Property Map Configuration block for using Amazon Cognito to authenticate users. Specify only when
typeisauthenticate-cognito. Detailed below.- authenticate
Oidc Property Map Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when
typeisauthenticate-oidc. Detailed below.- fixed
Response Property Map Information for creating an action that returns a custom HTTP response. Required if
typeisfixed-response.- forward Property Map
Configuration block for creating an action that distributes requests among one or more target groups. Specify only if
typeisforward. If you specify bothforwardblock andtarget_group_arnattribute, you can specify only one target group usingforwardand it must be the same target group specified intarget_group_arn. Detailed below.- order Number
Order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. Valid values are between
1and50000.- redirect Property Map
Configuration block for creating a redirect action. Required if
typeisredirect. Detailed below.- target
Group StringArn ARN of the Target Group to which to route traffic. Specify only if
typeisforwardand you want to route to a single target group. To route to one or more target groups, use aforwardblock instead.
ListenerDefaultActionAuthenticateCognito
- User
Pool stringArn ARN of the Cognito user pool.
- User
Pool stringClient Id ID of the Cognito user pool client.
- User
Pool stringDomain Domain prefix or fully-qualified domain name of the Cognito user pool.
- Authentication
Request Dictionary<string, string>Extra Params Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.
- On
Unauthenticated stringRequest Behavior if the user is not authenticated. Valid values are
deny,allowandauthenticate.- Scope string
Set of user claims to be requested from the IdP.
- string
Name of the cookie used to maintain session information.
- Session
Timeout int Maximum duration of the authentication session, in seconds.
- User
Pool stringArn ARN of the Cognito user pool.
- User
Pool stringClient Id ID of the Cognito user pool client.
- User
Pool stringDomain Domain prefix or fully-qualified domain name of the Cognito user pool.
- Authentication
Request map[string]stringExtra Params Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.
- On
Unauthenticated stringRequest Behavior if the user is not authenticated. Valid values are
deny,allowandauthenticate.- Scope string
Set of user claims to be requested from the IdP.
- string
Name of the cookie used to maintain session information.
- Session
Timeout int Maximum duration of the authentication session, in seconds.
- user
Pool StringArn ARN of the Cognito user pool.
- user
Pool StringClient Id ID of the Cognito user pool client.
- user
Pool StringDomain Domain prefix or fully-qualified domain name of the Cognito user pool.
- authentication
Request Map<String,String>Extra Params Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.
- on
Unauthenticated StringRequest Behavior if the user is not authenticated. Valid values are
deny,allowandauthenticate.- scope String
Set of user claims to be requested from the IdP.
- String
Name of the cookie used to maintain session information.
- session
Timeout Integer Maximum duration of the authentication session, in seconds.
- user
Pool stringArn ARN of the Cognito user pool.
- user
Pool stringClient Id ID of the Cognito user pool client.
- user
Pool stringDomain Domain prefix or fully-qualified domain name of the Cognito user pool.
- authentication
Request {[key: string]: string}Extra Params Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.
- on
Unauthenticated stringRequest Behavior if the user is not authenticated. Valid values are
deny,allowandauthenticate.- scope string
Set of user claims to be requested from the IdP.
- string
Name of the cookie used to maintain session information.
- session
Timeout number Maximum duration of the authentication session, in seconds.
- user_
pool_ strarn ARN of the Cognito user pool.
- user_
pool_ strclient_ id ID of the Cognito user pool client.
- user_
pool_ strdomain Domain prefix or fully-qualified domain name of the Cognito user pool.
- authentication_
request_ Mapping[str, str]extra_ params Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.
- on_
unauthenticated_ strrequest Behavior if the user is not authenticated. Valid values are
deny,allowandauthenticate.- scope str
Set of user claims to be requested from the IdP.
- str
Name of the cookie used to maintain session information.
- session_
timeout int Maximum duration of the authentication session, in seconds.
- user
Pool StringArn ARN of the Cognito user pool.
- user
Pool StringClient Id ID of the Cognito user pool client.
- user
Pool StringDomain Domain prefix or fully-qualified domain name of the Cognito user pool.
- authentication
Request Map<String>Extra Params Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.
- on
Unauthenticated StringRequest Behavior if the user is not authenticated. Valid values are
deny,allowandauthenticate.- scope String
Set of user claims to be requested from the IdP.
- String
Name of the cookie used to maintain session information.
- session
Timeout Number Maximum duration of the authentication session, in seconds.
ListenerDefaultActionAuthenticateOidc
- string
Authorization endpoint of the IdP.
- Client
Id string OAuth 2.0 client identifier.
- Client
Secret string OAuth 2.0 client secret.
- Issuer string
OIDC issuer identifier of the IdP.
- Token
Endpoint string Token endpoint of the IdP.
- User
Info stringEndpoint User info endpoint of the IdP.
- Authentication
Request Dictionary<string, string>Extra Params Query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- On
Unauthenticated stringRequest Behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate- Scope string
Set of user claims to be requested from the IdP.
- string
Name of the cookie used to maintain session information.
- Session
Timeout int Maximum duration of the authentication session, in seconds.
- string
Authorization endpoint of the IdP.
- Client
Id string OAuth 2.0 client identifier.
- Client
Secret string OAuth 2.0 client secret.
- Issuer string
OIDC issuer identifier of the IdP.
- Token
Endpoint string Token endpoint of the IdP.
- User
Info stringEndpoint User info endpoint of the IdP.
- Authentication
Request map[string]stringExtra Params Query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- On
Unauthenticated stringRequest Behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate- Scope string
Set of user claims to be requested from the IdP.
- string
Name of the cookie used to maintain session information.
- Session
Timeout int Maximum duration of the authentication session, in seconds.
- String
Authorization endpoint of the IdP.
- client
Id String OAuth 2.0 client identifier.
- client
Secret String OAuth 2.0 client secret.
- issuer String
OIDC issuer identifier of the IdP.
- token
Endpoint String Token endpoint of the IdP.
- user
Info StringEndpoint User info endpoint of the IdP.
- authentication
Request Map<String,String>Extra Params Query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- on
Unauthenticated StringRequest Behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate- scope String
Set of user claims to be requested from the IdP.
- String
Name of the cookie used to maintain session information.
- session
Timeout Integer Maximum duration of the authentication session, in seconds.
- string
Authorization endpoint of the IdP.
- client
Id string OAuth 2.0 client identifier.
- client
Secret string OAuth 2.0 client secret.
- issuer string
OIDC issuer identifier of the IdP.
- token
Endpoint string Token endpoint of the IdP.
- user
Info stringEndpoint User info endpoint of the IdP.
- authentication
Request {[key: string]: string}Extra Params Query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- on
Unauthenticated stringRequest Behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate- scope string
Set of user claims to be requested from the IdP.
- string
Name of the cookie used to maintain session information.
- session
Timeout number Maximum duration of the authentication session, in seconds.
- str
Authorization endpoint of the IdP.
- client_
id str OAuth 2.0 client identifier.
- client_
secret str OAuth 2.0 client secret.
- issuer str
OIDC issuer identifier of the IdP.
- token_
endpoint str Token endpoint of the IdP.
- user_
info_ strendpoint User info endpoint of the IdP.
- authentication_
request_ Mapping[str, str]extra_ params Query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- on_
unauthenticated_ strrequest Behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate- scope str
Set of user claims to be requested from the IdP.
- str
Name of the cookie used to maintain session information.
- session_
timeout int Maximum duration of the authentication session, in seconds.
- String
Authorization endpoint of the IdP.
- client
Id String OAuth 2.0 client identifier.
- client
Secret String OAuth 2.0 client secret.
- issuer String
OIDC issuer identifier of the IdP.
- token
Endpoint String Token endpoint of the IdP.
- user
Info StringEndpoint User info endpoint of the IdP.
- authentication
Request Map<String>Extra Params Query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- on
Unauthenticated StringRequest Behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate- scope String
Set of user claims to be requested from the IdP.
- String
Name of the cookie used to maintain session information.
- session
Timeout Number Maximum duration of the authentication session, in seconds.
ListenerDefaultActionFixedResponse
- Content
Type string Content type. Valid values are
text/plain,text/css,text/html,application/javascriptandapplication/json.- Message
Body string Message body.
- Status
Code string HTTP response code. Valid values are
2XX,4XX, or5XX.
- Content
Type string Content type. Valid values are
text/plain,text/css,text/html,application/javascriptandapplication/json.- Message
Body string Message body.
- Status
Code string HTTP response code. Valid values are
2XX,4XX, or5XX.
- content
Type String Content type. Valid values are
text/plain,text/css,text/html,application/javascriptandapplication/json.- message
Body String Message body.
- status
Code String HTTP response code. Valid values are
2XX,4XX, or5XX.
- content
Type string Content type. Valid values are
text/plain,text/css,text/html,application/javascriptandapplication/json.- message
Body string Message body.
- status
Code string HTTP response code. Valid values are
2XX,4XX, or5XX.
- content_
type str Content type. Valid values are
text/plain,text/css,text/html,application/javascriptandapplication/json.- message_
body str Message body.
- status_
code str HTTP response code. Valid values are
2XX,4XX, or5XX.
- content
Type String Content type. Valid values are
text/plain,text/css,text/html,application/javascriptandapplication/json.- message
Body String Message body.
- status
Code String HTTP response code. Valid values are
2XX,4XX, or5XX.
ListenerDefaultActionForward
- Target
Groups List<ListenerDefault Action Forward Target Group> Set of 1-5 target group blocks. Detailed below.
- Stickiness
Listener
Default Action Forward Stickiness Configuration block for target group stickiness for the rule. Detailed below.
- Target
Groups []ListenerDefault Action Forward Target Group Set of 1-5 target group blocks. Detailed below.
- Stickiness
Listener
Default Action Forward Stickiness Configuration block for target group stickiness for the rule. Detailed below.
- target
Groups List<ListenerDefault Action Forward Target Group> Set of 1-5 target group blocks. Detailed below.
- stickiness
Listener
Default Action Forward Stickiness Configuration block for target group stickiness for the rule. Detailed below.
- target
Groups ListenerDefault Action Forward Target Group[] Set of 1-5 target group blocks. Detailed below.
- stickiness
Listener
Default Action Forward Stickiness Configuration block for target group stickiness for the rule. Detailed below.
- target_
groups Sequence[ListenerDefault Action Forward Target Group] Set of 1-5 target group blocks. Detailed below.
- stickiness
Listener
Default Action Forward Stickiness Configuration block for target group stickiness for the rule. Detailed below.
- target
Groups List<Property Map> Set of 1-5 target group blocks. Detailed below.
- stickiness Property Map
Configuration block for target group stickiness for the rule. Detailed below.
ListenerDefaultActionForwardStickiness
ListenerDefaultActionForwardTargetGroup
ListenerDefaultActionRedirect
- Status
Code string HTTP redirect code. The redirect is either permanent (
HTTP_301) or temporary (HTTP_302).- Host string
Hostname. This component is not percent-encoded. The hostname can contain
#{host}. Defaults to#{host}.- Path string
Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to
/#{path}.- Port string
Port. Specify a value from
1to65535or#{port}. Defaults to#{port}.- Protocol string
Protocol. Valid values are
HTTP,HTTPS, or#{protocol}. Defaults to#{protocol}.- Query string
Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to
#{query}.
- Status
Code string HTTP redirect code. The redirect is either permanent (
HTTP_301) or temporary (HTTP_302).- Host string
Hostname. This component is not percent-encoded. The hostname can contain
#{host}. Defaults to#{host}.- Path string
Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to
/#{path}.- Port string
Port. Specify a value from
1to65535or#{port}. Defaults to#{port}.- Protocol string
Protocol. Valid values are
HTTP,HTTPS, or#{protocol}. Defaults to#{protocol}.- Query string
Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to
#{query}.
- status
Code String HTTP redirect code. The redirect is either permanent (
HTTP_301) or temporary (HTTP_302).- host String
Hostname. This component is not percent-encoded. The hostname can contain
#{host}. Defaults to#{host}.- path String
Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to
/#{path}.- port String
Port. Specify a value from
1to65535or#{port}. Defaults to#{port}.- protocol String
Protocol. Valid values are
HTTP,HTTPS, or#{protocol}. Defaults to#{protocol}.- query String
Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to
#{query}.
- status
Code string HTTP redirect code. The redirect is either permanent (
HTTP_301) or temporary (HTTP_302).- host string
Hostname. This component is not percent-encoded. The hostname can contain
#{host}. Defaults to#{host}.- path string
Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to
/#{path}.- port string
Port. Specify a value from
1to65535or#{port}. Defaults to#{port}.- protocol string
Protocol. Valid values are
HTTP,HTTPS, or#{protocol}. Defaults to#{protocol}.- query string
Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to
#{query}.
- status_
code str HTTP redirect code. The redirect is either permanent (
HTTP_301) or temporary (HTTP_302).- host str
Hostname. This component is not percent-encoded. The hostname can contain
#{host}. Defaults to#{host}.- path str
Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to
/#{path}.- port str
Port. Specify a value from
1to65535or#{port}. Defaults to#{port}.- protocol str
Protocol. Valid values are
HTTP,HTTPS, or#{protocol}. Defaults to#{protocol}.- query str
Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to
#{query}.
- status
Code String HTTP redirect code. The redirect is either permanent (
HTTP_301) or temporary (HTTP_302).- host String
Hostname. This component is not percent-encoded. The hostname can contain
#{host}. Defaults to#{host}.- path String
Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to
/#{path}.- port String
Port. Specify a value from
1to65535or#{port}. Defaults to#{port}.- protocol String
Protocol. Valid values are
HTTP,HTTPS, or#{protocol}. Defaults to#{protocol}.- query String
Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to
#{query}.
Import
Listeners can be imported using their ARN, e.g.,
$ pulumi import aws:applicationloadbalancing/listener:Listener front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener/app/front-end-alb/8e4497da625e2d8a/9ab28ade35828f96
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
awsTerraform Provider.
Try AWS Native preview for resources not in the classic version.