Docs Packages
  1. Packages
  2. AWS Classic
  3. API Docs
  4. lb
  5. Listener

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.2.0 published on Monday, Sep 18, 2023 by Pulumi
pulumi/pulumi-aws

aws.lb.Listener

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.2.0 published on Monday, Sep 18, 2023 by Pulumi
pulumi/pulumi-aws

    Provides a Load Balancer Listener resource.

    Note: aws.alb.Listener is known as aws.lb.Listener. The functionality is identical.

    Example Usage

    Forward Action

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer");

    // ...
    var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup");

    // ...
    var frontEndListener = new Aws.LB.Listener("frontEndListener", new()
    {
        LoadBalancerArn = frontEndLoadBalancer.Arn,
        Port = 443,
        Protocol = "HTTPS",
        SslPolicy = "ELBSecurityPolicy-2016-08",
        CertificateArn = "arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
        DefaultActions = new[]
        {
            new Aws.LB.Inputs.ListenerDefaultActionArgs
            {
                Type = "forward",
                TargetGroupArn = frontEndTargetGroup.Arn,
            },
        },
    });

});

    package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		frontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, "frontEndLoadBalancer", nil)
		if err != nil {
			return err
		}
		frontEndTargetGroup, err := lb.NewTargetGroup(ctx, "frontEndTargetGroup", nil)
		if err != nil {
			return err
		}
		_, err = lb.NewListener(ctx, "frontEndListener", &lb.ListenerArgs{
			LoadBalancerArn: frontEndLoadBalancer.Arn,
			Port:            pulumi.Int(443),
			Protocol:        pulumi.String("HTTPS"),
			SslPolicy:       pulumi.String("ELBSecurityPolicy-2016-08"),
			CertificateArn:  pulumi.String("arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4"),
			DefaultActions: lb.ListenerDefaultActionArray{
				&lb.ListenerDefaultActionArgs{
					Type:           pulumi.String("forward"),
					TargetGroupArn: frontEndTargetGroup.Arn,
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.TargetGroup;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var frontEndLoadBalancer = new LoadBalancer("frontEndLoadBalancer");

        var frontEndTargetGroup = new TargetGroup("frontEndTargetGroup");

        var frontEndListener = new Listener("frontEndListener", ListenerArgs.builder()        
            .loadBalancerArn(frontEndLoadBalancer.arn())
            .port("443")
            .protocol("HTTPS")
            .sslPolicy("ELBSecurityPolicy-2016-08")
            .certificateArn("arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4")
            .defaultActions(ListenerDefaultActionArgs.builder()
                .type("forward")
                .targetGroupArn(frontEndTargetGroup.arn())
                .build())
            .build());

    }
}

    import pulumi
import pulumi_aws as aws

front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
# ...
front_end_target_group = aws.lb.TargetGroup("frontEndTargetGroup")
# ...
front_end_listener = aws.lb.Listener("frontEndListener",
    load_balancer_arn=front_end_load_balancer.arn,
    port=443,
    protocol="HTTPS",
    ssl_policy="ELBSecurityPolicy-2016-08",
    certificate_arn="arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
    default_actions=[aws.lb.ListenerDefaultActionArgs(
        type="forward",
        target_group_arn=front_end_target_group.arn,
    )])

    import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const frontEndLoadBalancer = new aws.lb.LoadBalancer("frontEndLoadBalancer", {});
// ...
const frontEndTargetGroup = new aws.lb.TargetGroup("frontEndTargetGroup", {});
// ...
const frontEndListener = new aws.lb.Listener("frontEndListener", {
    loadBalancerArn: frontEndLoadBalancer.arn,
    port: 443,
    protocol: "HTTPS",
    sslPolicy: "ELBSecurityPolicy-2016-08",
    certificateArn: "arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
    defaultActions: [{
        type: "forward",
        targetGroupArn: frontEndTargetGroup.arn,
    }],
});

    resources:
  frontEndLoadBalancer:
    type: aws:lb:LoadBalancer
  frontEndTargetGroup:
    type: aws:lb:TargetGroup
  frontEndListener:
    type: aws:lb:Listener
    properties:
      loadBalancerArn: ${frontEndLoadBalancer.arn}
      port: '443'
      protocol: HTTPS
      sslPolicy: ELBSecurityPolicy-2016-08
      certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4
      defaultActions:
        - type: forward
          targetGroupArn: ${frontEndTargetGroup.arn}

    To a NLB

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var frontEnd = new Aws.LB.Listener("frontEnd", new()
    {
        LoadBalancerArn = aws_lb.Front_end.Arn,
        Port = 443,
        Protocol = "TLS",
        CertificateArn = "arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
        AlpnPolicy = "HTTP2Preferred",
        DefaultActions = new[]
        {
            new Aws.LB.Inputs.ListenerDefaultActionArgs
            {
                Type = "forward",
                TargetGroupArn = aws_lb_target_group.Front_end.Arn,
            },
        },
    });

});

    package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := lb.NewListener(ctx, "frontEnd", &lb.ListenerArgs{
			LoadBalancerArn: pulumi.Any(aws_lb.Front_end.Arn),
			Port:            pulumi.Int(443),
			Protocol:        pulumi.String("TLS"),
			CertificateArn:  pulumi.String("arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4"),
			AlpnPolicy:      pulumi.String("HTTP2Preferred"),
			DefaultActions: lb.ListenerDefaultActionArray{
				&lb.ListenerDefaultActionArgs{
					Type:           pulumi.String("forward"),
					TargetGroupArn: pulumi.Any(aws_lb_target_group.Front_end.Arn),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var frontEnd = new Listener("frontEnd", ListenerArgs.builder()        
            .loadBalancerArn(aws_lb.front_end().arn())
            .port("443")
            .protocol("TLS")
            .certificateArn("arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4")
            .alpnPolicy("HTTP2Preferred")
            .defaultActions(ListenerDefaultActionArgs.builder()
                .type("forward")
                .targetGroupArn(aws_lb_target_group.front_end().arn())
                .build())
            .build());

    }
}

    import pulumi
import pulumi_aws as aws

front_end = aws.lb.Listener("frontEnd",
    load_balancer_arn=aws_lb["front_end"]["arn"],
    port=443,
    protocol="TLS",
    certificate_arn="arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
    alpn_policy="HTTP2Preferred",
    default_actions=[aws.lb.ListenerDefaultActionArgs(
        type="forward",
        target_group_arn=aws_lb_target_group["front_end"]["arn"],
    )])

    import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const frontEnd = new aws.lb.Listener("frontEnd", {
    loadBalancerArn: aws_lb.front_end.arn,
    port: 443,
    protocol: "TLS",
    certificateArn: "arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
    alpnPolicy: "HTTP2Preferred",
    defaultActions: [{
        type: "forward",
        targetGroupArn: aws_lb_target_group.front_end.arn,
    }],
});

    resources:
  frontEnd:
    type: aws:lb:Listener
    properties:
      loadBalancerArn: ${aws_lb.front_end.arn}
      port: '443'
      protocol: TLS
      certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4
      alpnPolicy: HTTP2Preferred
      defaultActions:
        - type: forward
          targetGroupArn: ${aws_lb_target_group.front_end.arn}

    Redirect Action

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer");

    // ...
    var frontEndListener = new Aws.LB.Listener("frontEndListener", new()
    {
        LoadBalancerArn = frontEndLoadBalancer.Arn,
        Port = 80,
        Protocol = "HTTP",
        DefaultActions = new[]
        {
            new Aws.LB.Inputs.ListenerDefaultActionArgs
            {
                Type = "redirect",
                Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs
                {
                    Port = "443",
                    Protocol = "HTTPS",
                    StatusCode = "HTTP_301",
                },
            },
        },
    });

});

    package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		frontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, "frontEndLoadBalancer", nil)
		if err != nil {
			return err
		}
		_, err = lb.NewListener(ctx, "frontEndListener", &lb.ListenerArgs{
			LoadBalancerArn: frontEndLoadBalancer.Arn,
			Port:            pulumi.Int(80),
			Protocol:        pulumi.String("HTTP"),
			DefaultActions: lb.ListenerDefaultActionArray{
				&lb.ListenerDefaultActionArgs{
					Type: pulumi.String("redirect"),
					Redirect: &lb.ListenerDefaultActionRedirectArgs{
						Port:       pulumi.String("443"),
						Protocol:   pulumi.String("HTTPS"),
						StatusCode: pulumi.String("HTTP_301"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionRedirectArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var frontEndLoadBalancer = new LoadBalancer("frontEndLoadBalancer");

        var frontEndListener = new Listener("frontEndListener", ListenerArgs.builder()        
            .loadBalancerArn(frontEndLoadBalancer.arn())
            .port("80")
            .protocol("HTTP")
            .defaultActions(ListenerDefaultActionArgs.builder()
                .type("redirect")
                .redirect(ListenerDefaultActionRedirectArgs.builder()
                    .port("443")
                    .protocol("HTTPS")
                    .statusCode("HTTP_301")
                    .build())
                .build())
            .build());

    }
}

    import pulumi
import pulumi_aws as aws

front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
# ...
front_end_listener = aws.lb.Listener("frontEndListener",
    load_balancer_arn=front_end_load_balancer.arn,
    port=80,
    protocol="HTTP",
    default_actions=[aws.lb.ListenerDefaultActionArgs(
        type="redirect",
        redirect=aws.lb.ListenerDefaultActionRedirectArgs(
            port="443",
            protocol="HTTPS",
            status_code="HTTP_301",
        ),
    )])

    import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const frontEndLoadBalancer = new aws.lb.LoadBalancer("frontEndLoadBalancer", {});
// ...
const frontEndListener = new aws.lb.Listener("frontEndListener", {
    loadBalancerArn: frontEndLoadBalancer.arn,
    port: 80,
    protocol: "HTTP",
    defaultActions: [{
        type: "redirect",
        redirect: {
            port: "443",
            protocol: "HTTPS",
            statusCode: "HTTP_301",
        },
    }],
});

    resources:
  frontEndLoadBalancer:
    type: aws:lb:LoadBalancer
  frontEndListener:
    type: aws:lb:Listener
    properties:
      loadBalancerArn: ${frontEndLoadBalancer.arn}
      port: '80'
      protocol: HTTP
      defaultActions:
        - type: redirect
          redirect:
            port: '443'
            protocol: HTTPS
            statusCode: HTTP_301

    Fixed-response Action

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer");

    // ...
    var frontEndListener = new Aws.LB.Listener("frontEndListener", new()
    {
        LoadBalancerArn = frontEndLoadBalancer.Arn,
        Port = 80,
        Protocol = "HTTP",
        DefaultActions = new[]
        {
            new Aws.LB.Inputs.ListenerDefaultActionArgs
            {
                Type = "fixed-response",
                FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs
                {
                    ContentType = "text/plain",
                    MessageBody = "Fixed response content",
                    StatusCode = "200",
                },
            },
        },
    });

});

    package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		frontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, "frontEndLoadBalancer", nil)
		if err != nil {
			return err
		}
		_, err = lb.NewListener(ctx, "frontEndListener", &lb.ListenerArgs{
			LoadBalancerArn: frontEndLoadBalancer.Arn,
			Port:            pulumi.Int(80),
			Protocol:        pulumi.String("HTTP"),
			DefaultActions: lb.ListenerDefaultActionArray{
				&lb.ListenerDefaultActionArgs{
					Type: pulumi.String("fixed-response"),
					FixedResponse: &lb.ListenerDefaultActionFixedResponseArgs{
						ContentType: pulumi.String("text/plain"),
						MessageBody: pulumi.String("Fixed response content"),
						StatusCode:  pulumi.String("200"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionFixedResponseArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var frontEndLoadBalancer = new LoadBalancer("frontEndLoadBalancer");

        var frontEndListener = new Listener("frontEndListener", ListenerArgs.builder()        
            .loadBalancerArn(frontEndLoadBalancer.arn())
            .port("80")
            .protocol("HTTP")
            .defaultActions(ListenerDefaultActionArgs.builder()
                .type("fixed-response")
                .fixedResponse(ListenerDefaultActionFixedResponseArgs.builder()
                    .contentType("text/plain")
                    .messageBody("Fixed response content")
                    .statusCode("200")
                    .build())
                .build())
            .build());

    }
}

    import pulumi
import pulumi_aws as aws

front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
# ...
front_end_listener = aws.lb.Listener("frontEndListener",
    load_balancer_arn=front_end_load_balancer.arn,
    port=80,
    protocol="HTTP",
    default_actions=[aws.lb.ListenerDefaultActionArgs(
        type="fixed-response",
        fixed_response=aws.lb.ListenerDefaultActionFixedResponseArgs(
            content_type="text/plain",
            message_body="Fixed response content",
            status_code="200",
        ),
    )])

    import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const frontEndLoadBalancer = new aws.lb.LoadBalancer("frontEndLoadBalancer", {});
// ...
const frontEndListener = new aws.lb.Listener("frontEndListener", {
    loadBalancerArn: frontEndLoadBalancer.arn,
    port: 80,
    protocol: "HTTP",
    defaultActions: [{
        type: "fixed-response",
        fixedResponse: {
            contentType: "text/plain",
            messageBody: "Fixed response content",
            statusCode: "200",
        },
    }],
});

    resources:
  frontEndLoadBalancer:
    type: aws:lb:LoadBalancer
  frontEndListener:
    type: aws:lb:Listener
    properties:
      loadBalancerArn: ${frontEndLoadBalancer.arn}
      port: '80'
      protocol: HTTP
      defaultActions:
        - type: fixed-response
          fixedResponse:
            contentType: text/plain
            messageBody: Fixed response content
            statusCode: '200'

    Authenticate-cognito Action

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer");

    // ...
    var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup");

    // ...
    var pool = new Aws.Cognito.UserPool("pool");

    // ...
    var client = new Aws.Cognito.UserPoolClient("client");

    // ...
    var domain = new Aws.Cognito.UserPoolDomain("domain");

    // ...
    var frontEndListener = new Aws.LB.Listener("frontEndListener", new()
    {
        LoadBalancerArn = frontEndLoadBalancer.Arn,
        Port = 80,
        Protocol = "HTTP",
        DefaultActions = new[]
        {
            new Aws.LB.Inputs.ListenerDefaultActionArgs
            {
                Type = "authenticate-cognito",
                AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs
                {
                    UserPoolArn = pool.Arn,
                    UserPoolClientId = client.Id,
                    UserPoolDomain = domain.Domain,
                },
            },
            new Aws.LB.Inputs.ListenerDefaultActionArgs
            {
                Type = "forward",
                TargetGroupArn = frontEndTargetGroup.Arn,
            },
        },
    });

});

    package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		frontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, "frontEndLoadBalancer", nil)
		if err != nil {
			return err
		}
		frontEndTargetGroup, err := lb.NewTargetGroup(ctx, "frontEndTargetGroup", nil)
		if err != nil {
			return err
		}
		pool, err := cognito.NewUserPool(ctx, "pool", nil)
		if err != nil {
			return err
		}
		client, err := cognito.NewUserPoolClient(ctx, "client", nil)
		if err != nil {
			return err
		}
		domain, err := cognito.NewUserPoolDomain(ctx, "domain", nil)
		if err != nil {
			return err
		}
		_, err = lb.NewListener(ctx, "frontEndListener", &lb.ListenerArgs{
			LoadBalancerArn: frontEndLoadBalancer.Arn,
			Port:            pulumi.Int(80),
			Protocol:        pulumi.String("HTTP"),
			DefaultActions: lb.ListenerDefaultActionArray{
				&lb.ListenerDefaultActionArgs{
					Type: pulumi.String("authenticate-cognito"),
					AuthenticateCognito: &lb.ListenerDefaultActionAuthenticateCognitoArgs{
						UserPoolArn:      pool.Arn,
						UserPoolClientId: client.ID(),
						UserPoolDomain:   domain.Domain,
					},
				},
				&lb.ListenerDefaultActionArgs{
					Type:           pulumi.String("forward"),
					TargetGroupArn: frontEndTargetGroup.Arn,
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.TargetGroup;
import com.pulumi.aws.cognito.UserPool;
import com.pulumi.aws.cognito.UserPoolClient;
import com.pulumi.aws.cognito.UserPoolDomain;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateCognitoArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var frontEndLoadBalancer = new LoadBalancer("frontEndLoadBalancer");

        var frontEndTargetGroup = new TargetGroup("frontEndTargetGroup");

        var pool = new UserPool("pool");

        var client = new UserPoolClient("client");

        var domain = new UserPoolDomain("domain");

        var frontEndListener = new Listener("frontEndListener", ListenerArgs.builder()        
            .loadBalancerArn(frontEndLoadBalancer.arn())
            .port("80")
            .protocol("HTTP")
            .defaultActions(            
                ListenerDefaultActionArgs.builder()
                    .type("authenticate-cognito")
                    .authenticateCognito(ListenerDefaultActionAuthenticateCognitoArgs.builder()
                        .userPoolArn(pool.arn())
                        .userPoolClientId(client.id())
                        .userPoolDomain(domain.domain())
                        .build())
                    .build(),
                ListenerDefaultActionArgs.builder()
                    .type("forward")
                    .targetGroupArn(frontEndTargetGroup.arn())
                    .build())
            .build());

    }
}

    import pulumi
import pulumi_aws as aws

front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
# ...
front_end_target_group = aws.lb.TargetGroup("frontEndTargetGroup")
# ...
pool = aws.cognito.UserPool("pool")
# ...
client = aws.cognito.UserPoolClient("client")
# ...
domain = aws.cognito.UserPoolDomain("domain")
# ...
front_end_listener = aws.lb.Listener("frontEndListener",
    load_balancer_arn=front_end_load_balancer.arn,
    port=80,
    protocol="HTTP",
    default_actions=[
        aws.lb.ListenerDefaultActionArgs(
            type="authenticate-cognito",
            authenticate_cognito=aws.lb.ListenerDefaultActionAuthenticateCognitoArgs(
                user_pool_arn=pool.arn,
                user_pool_client_id=client.id,
                user_pool_domain=domain.domain,
            ),
        ),
        aws.lb.ListenerDefaultActionArgs(
            type="forward",
            target_group_arn=front_end_target_group.arn,
        ),
    ])

    import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const frontEndLoadBalancer = new aws.lb.LoadBalancer("frontEndLoadBalancer", {});
// ...
const frontEndTargetGroup = new aws.lb.TargetGroup("frontEndTargetGroup", {});
// ...
const pool = new aws.cognito.UserPool("pool", {});
// ...
const client = new aws.cognito.UserPoolClient("client", {});
// ...
const domain = new aws.cognito.UserPoolDomain("domain", {});
// ...
const frontEndListener = new aws.lb.Listener("frontEndListener", {
    loadBalancerArn: frontEndLoadBalancer.arn,
    port: 80,
    protocol: "HTTP",
    defaultActions: [
        {
            type: "authenticate-cognito",
            authenticateCognito: {
                userPoolArn: pool.arn,
                userPoolClientId: client.id,
                userPoolDomain: domain.domain,
            },
        },
        {
            type: "forward",
            targetGroupArn: frontEndTargetGroup.arn,
        },
    ],
});

    resources:
  frontEndLoadBalancer:
    type: aws:lb:LoadBalancer
  frontEndTargetGroup:
    type: aws:lb:TargetGroup
  pool:
    type: aws:cognito:UserPool
  client:
    type: aws:cognito:UserPoolClient
  domain:
    type: aws:cognito:UserPoolDomain
  frontEndListener:
    type: aws:lb:Listener
    properties:
      loadBalancerArn: ${frontEndLoadBalancer.arn}
      port: '80'
      protocol: HTTP
      defaultActions:
        - type: authenticate-cognito
          authenticateCognito:
            userPoolArn: ${pool.arn}
            userPoolClientId: ${client.id}
            userPoolDomain: ${domain.domain}
        - type: forward
          targetGroupArn: ${frontEndTargetGroup.arn}

    Authenticate-OIDC Action

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer");

    // ...
    var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup");

    // ...
    var frontEndListener = new Aws.LB.Listener("frontEndListener", new()
    {
        LoadBalancerArn = frontEndLoadBalancer.Arn,
        Port = 80,
        Protocol = "HTTP",
        DefaultActions = new[]
        {
            new Aws.LB.Inputs.ListenerDefaultActionArgs
            {
                Type = "authenticate-oidc",
                AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs
                {
                    AuthorizationEndpoint = "https://example.com/authorization_endpoint",
                    ClientId = "client_id",
                    ClientSecret = "client_secret",
                    Issuer = "https://example.com",
                    TokenEndpoint = "https://example.com/token_endpoint",
                    UserInfoEndpoint = "https://example.com/user_info_endpoint",
                },
            },
            new Aws.LB.Inputs.ListenerDefaultActionArgs
            {
                Type = "forward",
                TargetGroupArn = frontEndTargetGroup.Arn,
            },
        },
    });

});

    package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		frontEndLoadBalancer, err := lb.NewLoadBalancer(ctx, "frontEndLoadBalancer", nil)
		if err != nil {
			return err
		}
		frontEndTargetGroup, err := lb.NewTargetGroup(ctx, "frontEndTargetGroup", nil)
		if err != nil {
			return err
		}
		_, err = lb.NewListener(ctx, "frontEndListener", &lb.ListenerArgs{
			LoadBalancerArn: frontEndLoadBalancer.Arn,
			Port:            pulumi.Int(80),
			Protocol:        pulumi.String("HTTP"),
			DefaultActions: lb.ListenerDefaultActionArray{
				&lb.ListenerDefaultActionArgs{
					Type: pulumi.String("authenticate-oidc"),
					AuthenticateOidc: &lb.ListenerDefaultActionAuthenticateOidcArgs{
						AuthorizationEndpoint: pulumi.String("https://example.com/authorization_endpoint"),
						ClientId:              pulumi.String("client_id"),
						ClientSecret:          pulumi.String("client_secret"),
						Issuer:                pulumi.String("https://example.com"),
						TokenEndpoint:         pulumi.String("https://example.com/token_endpoint"),
						UserInfoEndpoint:      pulumi.String("https://example.com/user_info_endpoint"),
					},
				},
				&lb.ListenerDefaultActionArgs{
					Type:           pulumi.String("forward"),
					TargetGroupArn: frontEndTargetGroup.Arn,
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.TargetGroup;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateOidcArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var frontEndLoadBalancer = new LoadBalancer("frontEndLoadBalancer");

        var frontEndTargetGroup = new TargetGroup("frontEndTargetGroup");

        var frontEndListener = new Listener("frontEndListener", ListenerArgs.builder()        
            .loadBalancerArn(frontEndLoadBalancer.arn())
            .port("80")
            .protocol("HTTP")
            .defaultActions(            
                ListenerDefaultActionArgs.builder()
                    .type("authenticate-oidc")
                    .authenticateOidc(ListenerDefaultActionAuthenticateOidcArgs.builder()
                        .authorizationEndpoint("https://example.com/authorization_endpoint")
                        .clientId("client_id")
                        .clientSecret("client_secret")
                        .issuer("https://example.com")
                        .tokenEndpoint("https://example.com/token_endpoint")
                        .userInfoEndpoint("https://example.com/user_info_endpoint")
                        .build())
                    .build(),
                ListenerDefaultActionArgs.builder()
                    .type("forward")
                    .targetGroupArn(frontEndTargetGroup.arn())
                    .build())
            .build());

    }
}

    import pulumi
import pulumi_aws as aws

front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
# ...
front_end_target_group = aws.lb.TargetGroup("frontEndTargetGroup")
# ...
front_end_listener = aws.lb.Listener("frontEndListener",
    load_balancer_arn=front_end_load_balancer.arn,
    port=80,
    protocol="HTTP",
    default_actions=[
        aws.lb.ListenerDefaultActionArgs(
            type="authenticate-oidc",
            authenticate_oidc=aws.lb.ListenerDefaultActionAuthenticateOidcArgs(
                authorization_endpoint="https://example.com/authorization_endpoint",
                client_id="client_id",
                client_secret="client_secret",
                issuer="https://example.com",
                token_endpoint="https://example.com/token_endpoint",
                user_info_endpoint="https://example.com/user_info_endpoint",
            ),
        ),
        aws.lb.ListenerDefaultActionArgs(
            type="forward",
            target_group_arn=front_end_target_group.arn,
        ),
    ])

    import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const frontEndLoadBalancer = new aws.lb.LoadBalancer("frontEndLoadBalancer", {});
// ...
const frontEndTargetGroup = new aws.lb.TargetGroup("frontEndTargetGroup", {});
// ...
const frontEndListener = new aws.lb.Listener("frontEndListener", {
    loadBalancerArn: frontEndLoadBalancer.arn,
    port: 80,
    protocol: "HTTP",
    defaultActions: [
        {
            type: "authenticate-oidc",
            authenticateOidc: {
                authorizationEndpoint: "https://example.com/authorization_endpoint",
                clientId: "client_id",
                clientSecret: "client_secret",
                issuer: "https://example.com",
                tokenEndpoint: "https://example.com/token_endpoint",
                userInfoEndpoint: "https://example.com/user_info_endpoint",
            },
        },
        {
            type: "forward",
            targetGroupArn: frontEndTargetGroup.arn,
        },
    ],
});

    resources:
  frontEndLoadBalancer:
    type: aws:lb:LoadBalancer
  frontEndTargetGroup:
    type: aws:lb:TargetGroup
  frontEndListener:
    type: aws:lb:Listener
    properties:
      loadBalancerArn: ${frontEndLoadBalancer.arn}
      port: '80'
      protocol: HTTP
      defaultActions:
        - type: authenticate-oidc
          authenticateOidc:
            authorizationEndpoint: https://example.com/authorization_endpoint
            clientId: client_id
            clientSecret: client_secret
            issuer: https://example.com
            tokenEndpoint: https://example.com/token_endpoint
            userInfoEndpoint: https://example.com/user_info_endpoint
        - type: forward
          targetGroupArn: ${frontEndTargetGroup.arn}

    Gateway Load Balancer Listener

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var exampleLoadBalancer = new Aws.LB.LoadBalancer("exampleLoadBalancer", new()
    {
        LoadBalancerType = "gateway",
        SubnetMappings = new[]
        {
            new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs
            {
                SubnetId = aws_subnet.Example.Id,
            },
        },
    });

    var exampleTargetGroup = new Aws.LB.TargetGroup("exampleTargetGroup", new()
    {
        Port = 6081,
        Protocol = "GENEVE",
        VpcId = aws_vpc.Example.Id,
        HealthCheck = new Aws.LB.Inputs.TargetGroupHealthCheckArgs
        {
            Port = "80",
            Protocol = "HTTP",
        },
    });

    var exampleListener = new Aws.LB.Listener("exampleListener", new()
    {
        LoadBalancerArn = exampleLoadBalancer.Id,
        DefaultActions = new[]
        {
            new Aws.LB.Inputs.ListenerDefaultActionArgs
            {
                TargetGroupArn = exampleTargetGroup.Id,
                Type = "forward",
            },
        },
    });

});

    package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleLoadBalancer, err := lb.NewLoadBalancer(ctx, "exampleLoadBalancer", &lb.LoadBalancerArgs{
			LoadBalancerType: pulumi.String("gateway"),
			SubnetMappings: lb.LoadBalancerSubnetMappingArray{
				&lb.LoadBalancerSubnetMappingArgs{
					SubnetId: pulumi.Any(aws_subnet.Example.Id),
				},
			},
		})
		if err != nil {
			return err
		}
		exampleTargetGroup, err := lb.NewTargetGroup(ctx, "exampleTargetGroup", &lb.TargetGroupArgs{
			Port:     pulumi.Int(6081),
			Protocol: pulumi.String("GENEVE"),
			VpcId:    pulumi.Any(aws_vpc.Example.Id),
			HealthCheck: &lb.TargetGroupHealthCheckArgs{
				Port:     pulumi.String("80"),
				Protocol: pulumi.String("HTTP"),
			},
		})
		if err != nil {
			return err
		}
		_, err = lb.NewListener(ctx, "exampleListener", &lb.ListenerArgs{
			LoadBalancerArn: exampleLoadBalancer.ID(),
			DefaultActions: lb.ListenerDefaultActionArray{
				&lb.ListenerDefaultActionArgs{
					TargetGroupArn: exampleTargetGroup.ID(),
					Type:           pulumi.String("forward"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.LoadBalancerArgs;
import com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;
import com.pulumi.aws.lb.TargetGroup;
import com.pulumi.aws.lb.TargetGroupArgs;
import com.pulumi.aws.lb.inputs.TargetGroupHealthCheckArgs;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerArgs;
import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleLoadBalancer = new LoadBalancer("exampleLoadBalancer", LoadBalancerArgs.builder()        
            .loadBalancerType("gateway")
            .subnetMappings(LoadBalancerSubnetMappingArgs.builder()
                .subnetId(aws_subnet.example().id())
                .build())
            .build());

        var exampleTargetGroup = new TargetGroup("exampleTargetGroup", TargetGroupArgs.builder()        
            .port(6081)
            .protocol("GENEVE")
            .vpcId(aws_vpc.example().id())
            .healthCheck(TargetGroupHealthCheckArgs.builder()
                .port(80)
                .protocol("HTTP")
                .build())
            .build());

        var exampleListener = new Listener("exampleListener", ListenerArgs.builder()        
            .loadBalancerArn(exampleLoadBalancer.id())
            .defaultActions(ListenerDefaultActionArgs.builder()
                .targetGroupArn(exampleTargetGroup.id())
                .type("forward")
                .build())
            .build());

    }
}

    import pulumi
import pulumi_aws as aws

example_load_balancer = aws.lb.LoadBalancer("exampleLoadBalancer",
    load_balancer_type="gateway",
    subnet_mappings=[aws.lb.LoadBalancerSubnetMappingArgs(
        subnet_id=aws_subnet["example"]["id"],
    )])
example_target_group = aws.lb.TargetGroup("exampleTargetGroup",
    port=6081,
    protocol="GENEVE",
    vpc_id=aws_vpc["example"]["id"],
    health_check=aws.lb.TargetGroupHealthCheckArgs(
        port="80",
        protocol="HTTP",
    ))
example_listener = aws.lb.Listener("exampleListener",
    load_balancer_arn=example_load_balancer.id,
    default_actions=[aws.lb.ListenerDefaultActionArgs(
        target_group_arn=example_target_group.id,
        type="forward",
    )])

    import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const exampleLoadBalancer = new aws.lb.LoadBalancer("exampleLoadBalancer", {
    loadBalancerType: "gateway",
    subnetMappings: [{
        subnetId: aws_subnet.example.id,
    }],
});
const exampleTargetGroup = new aws.lb.TargetGroup("exampleTargetGroup", {
    port: 6081,
    protocol: "GENEVE",
    vpcId: aws_vpc.example.id,
    healthCheck: {
        port: "80",
        protocol: "HTTP",
    },
});
const exampleListener = new aws.lb.Listener("exampleListener", {
    loadBalancerArn: exampleLoadBalancer.id,
    defaultActions: [{
        targetGroupArn: exampleTargetGroup.id,
        type: "forward",
    }],
});

    resources:
  exampleLoadBalancer:
    type: aws:lb:LoadBalancer
    properties:
      loadBalancerType: gateway
      subnetMappings:
        - subnetId: ${aws_subnet.example.id}
  exampleTargetGroup:
    type: aws:lb:TargetGroup
    properties:
      port: 6081
      protocol: GENEVE
      vpcId: ${aws_vpc.example.id}
      healthCheck:
        port: 80
        protocol: HTTP
  exampleListener:
    type: aws:lb:Listener
    properties:
      loadBalancerArn: ${exampleLoadBalancer.id}
      defaultActions:
        - targetGroupArn: ${exampleTargetGroup.id}
          type: forward

    Create Listener Resource

    new Listener(name: string, args: ListenerArgs, opts?: CustomResourceOptions);
    @overload
def Listener(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             alpn_policy: Optional[str] = None,
             certificate_arn: Optional[str] = None,
             default_actions: Optional[Sequence[ListenerDefaultActionArgs]] = None,
             load_balancer_arn: Optional[str] = None,
             port: Optional[int] = None,
             protocol: Optional[str] = None,
             ssl_policy: Optional[str] = None,
             tags: Optional[Mapping[str, str]] = None)
@overload
def Listener(resource_name: str,
             args: ListenerArgs,
             opts: Optional[ResourceOptions] = None)
    func NewListener(ctx *Context, name string, args ListenerArgs, opts ...ResourceOption) (*Listener, error)
    public Listener(string name, ListenerArgs args, CustomResourceOptions? opts = null)
    public Listener(String name, ListenerArgs args)
public Listener(String name, ListenerArgs args, CustomResourceOptions options)

    type: aws:lb:Listener
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ListenerArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ListenerArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ListenerArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ListenerArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ListenerArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Listener Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Listener resource accepts the following input properties:

    DefaultActions List<ListenerDefaultAction>

    Configuration block for default actions. Detailed below.

    LoadBalancerArn string

    ARN of the load balancer.

    The following arguments are optional:

    AlpnPolicy string

    Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocol is TLS. Valid values are HTTP1Only, HTTP2Only, HTTP2Optional, HTTP2Preferred, and None.

    CertificateArn string

    ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificate resource.

    Port int

    Port on which the load balancer is listening. Not valid for Gateway Load Balancers.

    Protocol string

    Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTP and HTTPS, with a default of HTTP. For Network Load Balancers, valid values are TCP, TLS, UDP, and TCP_UDP. Not valid to use UDP or TCP_UDP if dual-stack mode is enabled. Not valid for Gateway Load Balancers.

    SslPolicy string

    Name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

    Tags Dictionary<string, string>

    A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    NOTE:: Please note that listeners that are attached to Application Load Balancers must use either HTTP or HTTPS protocols while listeners that are attached to Network Load Balancers must use the TCP protocol.

    DefaultActions []ListenerDefaultActionArgs

    Configuration block for default actions. Detailed below.

    LoadBalancerArn string

    ARN of the load balancer.

    The following arguments are optional:

    AlpnPolicy string

    Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocol is TLS. Valid values are HTTP1Only, HTTP2Only, HTTP2Optional, HTTP2Preferred, and None.

    CertificateArn string

    ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificate resource.

    Port int

    Port on which the load balancer is listening. Not valid for Gateway Load Balancers.

    Protocol string

    Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTP and HTTPS, with a default of HTTP. For Network Load Balancers, valid values are TCP, TLS, UDP, and TCP_UDP. Not valid to use UDP or TCP_UDP if dual-stack mode is enabled. Not valid for Gateway Load Balancers.

    SslPolicy string

    Name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

    Tags map[string]string

    A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    NOTE:: Please note that listeners that are attached to Application Load Balancers must use either HTTP or HTTPS protocols while listeners that are attached to Network Load Balancers must use the TCP protocol.

    defaultActions List<ListenerDefaultAction>

    Configuration block for default actions. Detailed below.

    loadBalancerArn String

    ARN of the load balancer.

    The following arguments are optional:

    alpnPolicy String

    Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocol is TLS. Valid values are HTTP1Only, HTTP2Only, HTTP2Optional, HTTP2Preferred, and None.

    certificateArn String

    ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificate resource.

    port Integer

    Port on which the load balancer is listening. Not valid for Gateway Load Balancers.

    protocol String

    Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTP and HTTPS, with a default of HTTP. For Network Load Balancers, valid values are TCP, TLS, UDP, and TCP_UDP. Not valid to use UDP or TCP_UDP if dual-stack mode is enabled. Not valid for Gateway Load Balancers.

    sslPolicy String

    Name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

    tags Map<String,String>

    A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    NOTE:: Please note that listeners that are attached to Application Load Balancers must use either HTTP or HTTPS protocols while listeners that are attached to Network Load Balancers must use the TCP protocol.

    defaultActions ListenerDefaultAction[]

    Configuration block for default actions. Detailed below.

    loadBalancerArn string

    ARN of the load balancer.

    The following arguments are optional:

    alpnPolicy string

    Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocol is TLS. Valid values are HTTP1Only, HTTP2Only, HTTP2Optional, HTTP2Preferred, and None.

    certificateArn string

    ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificate resource.

    port number

    Port on which the load balancer is listening. Not valid for Gateway Load Balancers.

    protocol string

    Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTP and HTTPS, with a default of HTTP. For Network Load Balancers, valid values are TCP, TLS, UDP, and TCP_UDP. Not valid to use UDP or TCP_UDP if dual-stack mode is enabled. Not valid for Gateway Load Balancers.

    sslPolicy string

    Name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

    tags {[key: string]: string}

    A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    NOTE:: Please note that listeners that are attached to Application Load Balancers must use either HTTP or HTTPS protocols while listeners that are attached to Network Load Balancers must use the TCP protocol.

    default_actions Sequence[ListenerDefaultActionArgs]

    Configuration block for default actions. Detailed below.

    load_balancer_arn str

    ARN of the load balancer.

    The following arguments are optional:

    alpn_policy str

    Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocol is TLS. Valid values are HTTP1Only, HTTP2Only, HTTP2Optional, HTTP2Preferred, and None.

    certificate_arn str

    ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificate resource.

    port int

    Port on which the load balancer is listening. Not valid for Gateway Load Balancers.

    protocol str

    Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTP and HTTPS, with a default of HTTP. For Network Load Balancers, valid values are TCP, TLS, UDP, and TCP_UDP. Not valid to use UDP or TCP_UDP if dual-stack mode is enabled. Not valid for Gateway Load Balancers.

    ssl_policy str

    Name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

    tags Mapping[str, str]

    A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    NOTE:: Please note that listeners that are attached to Application Load Balancers must use either HTTP or HTTPS protocols while listeners that are attached to Network Load Balancers must use the TCP protocol.

    defaultActions List<Property Map>

    Configuration block for default actions. Detailed below.

    loadBalancerArn String

    ARN of the load balancer.

    The following arguments are optional:

    alpnPolicy String

    Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocol is TLS. Valid values are HTTP1Only, HTTP2Only, HTTP2Optional, HTTP2Preferred, and None.

    certificateArn String

    ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificate resource.

    port Number

    Port on which the load balancer is listening. Not valid for Gateway Load Balancers.

    protocol String

    Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTP and HTTPS, with a default of HTTP. For Network Load Balancers, valid values are TCP, TLS, UDP, and TCP_UDP. Not valid to use UDP or TCP_UDP if dual-stack mode is enabled. Not valid for Gateway Load Balancers.

    sslPolicy String

    Name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

    tags Map<String>

    A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    NOTE:: Please note that listeners that are attached to Application Load Balancers must use either HTTP or HTTPS protocols while listeners that are attached to Network Load Balancers must use the TCP protocol.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Listener resource produces the following output properties:

    Arn string

    ARN of the target group.

    The following arguments are optional:

    Id string

    The provider-assigned unique ID for this managed resource.

    TagsAll Dictionary<string, string>

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Arn string

    ARN of the target group.

    The following arguments are optional:

    Id string

    The provider-assigned unique ID for this managed resource.

    TagsAll map[string]string

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    arn String

    ARN of the target group.

    The following arguments are optional:

    id String

    The provider-assigned unique ID for this managed resource.

    tagsAll Map<String,String>

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    arn string

    ARN of the target group.

    The following arguments are optional:

    id string

    The provider-assigned unique ID for this managed resource.

    tagsAll {[key: string]: string}

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    arn str

    ARN of the target group.

    The following arguments are optional:

    id str

    The provider-assigned unique ID for this managed resource.

    tags_all Mapping[str, str]

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    arn String

    ARN of the target group.

    The following arguments are optional:

    id String

    The provider-assigned unique ID for this managed resource.

    tagsAll Map<String>

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Look up Existing Listener Resource

    Get an existing Listener resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ListenerState, opts?: CustomResourceOptions): Listener
    @staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        alpn_policy: Optional[str] = None,
        arn: Optional[str] = None,
        certificate_arn: Optional[str] = None,
        default_actions: Optional[Sequence[ListenerDefaultActionArgs]] = None,
        load_balancer_arn: Optional[str] = None,
        port: Optional[int] = None,
        protocol: Optional[str] = None,
        ssl_policy: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None,
        tags_all: Optional[Mapping[str, str]] = None) -> Listener
    func GetListener(ctx *Context, name string, id IDInput, state *ListenerState, opts ...ResourceOption) (*Listener, error)
    public static Listener Get(string name, Input<string> id, ListenerState? state, CustomResourceOptions? opts = null)
    public static Listener get(String name, Output<String> id, ListenerState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AlpnPolicy string

    Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocol is TLS. Valid values are HTTP1Only, HTTP2Only, HTTP2Optional, HTTP2Preferred, and None.

    Arn string

    ARN of the target group.

    The following arguments are optional:

    CertificateArn string

    ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificate resource.

    DefaultActions List<ListenerDefaultAction>

    Configuration block for default actions. Detailed below.

    LoadBalancerArn string

    ARN of the load balancer.

    The following arguments are optional:

    Port int

    Port on which the load balancer is listening. Not valid for Gateway Load Balancers.

    Protocol string

    Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTP and HTTPS, with a default of HTTP. For Network Load Balancers, valid values are TCP, TLS, UDP, and TCP_UDP. Not valid to use UDP or TCP_UDP if dual-stack mode is enabled. Not valid for Gateway Load Balancers.

    SslPolicy string

    Name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

    Tags Dictionary<string, string>

    A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    NOTE:: Please note that listeners that are attached to Application Load Balancers must use either HTTP or HTTPS protocols while listeners that are attached to Network Load Balancers must use the TCP protocol.

    TagsAll Dictionary<string, string>

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    AlpnPolicy string

    Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocol is TLS. Valid values are HTTP1Only, HTTP2Only, HTTP2Optional, HTTP2Preferred, and None.

    Arn string

    ARN of the target group.

    The following arguments are optional:

    CertificateArn string

    ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificate resource.

    DefaultActions []ListenerDefaultActionArgs

    Configuration block for default actions. Detailed below.

    LoadBalancerArn string

    ARN of the load balancer.

    The following arguments are optional:

    Port int

    Port on which the load balancer is listening. Not valid for Gateway Load Balancers.

    Protocol string

    Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTP and HTTPS, with a default of HTTP. For Network Load Balancers, valid values are TCP, TLS, UDP, and TCP_UDP. Not valid to use UDP or TCP_UDP if dual-stack mode is enabled. Not valid for Gateway Load Balancers.

    SslPolicy string

    Name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

    Tags map[string]string

    A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    NOTE:: Please note that listeners that are attached to Application Load Balancers must use either HTTP or HTTPS protocols while listeners that are attached to Network Load Balancers must use the TCP protocol.

    TagsAll map[string]string

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    alpnPolicy String

    Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocol is TLS. Valid values are HTTP1Only, HTTP2Only, HTTP2Optional, HTTP2Preferred, and None.

    arn String

    ARN of the target group.

    The following arguments are optional:

    certificateArn String

    ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificate resource.

    defaultActions List<ListenerDefaultAction>

    Configuration block for default actions. Detailed below.

    loadBalancerArn String

    ARN of the load balancer.

    The following arguments are optional:

    port Integer

    Port on which the load balancer is listening. Not valid for Gateway Load Balancers.

    protocol String

    Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTP and HTTPS, with a default of HTTP. For Network Load Balancers, valid values are TCP, TLS, UDP, and TCP_UDP. Not valid to use UDP or TCP_UDP if dual-stack mode is enabled. Not valid for Gateway Load Balancers.

    sslPolicy String

    Name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

    tags Map<String,String>

    A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    NOTE:: Please note that listeners that are attached to Application Load Balancers must use either HTTP or HTTPS protocols while listeners that are attached to Network Load Balancers must use the TCP protocol.

    tagsAll Map<String,String>

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    alpnPolicy string

    Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocol is TLS. Valid values are HTTP1Only, HTTP2Only, HTTP2Optional, HTTP2Preferred, and None.

    arn string

    ARN of the target group.

    The following arguments are optional:

    certificateArn string

    ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificate resource.

    defaultActions ListenerDefaultAction[]

    Configuration block for default actions. Detailed below.

    loadBalancerArn string

    ARN of the load balancer.

    The following arguments are optional:

    port number

    Port on which the load balancer is listening. Not valid for Gateway Load Balancers.

    protocol string

    Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTP and HTTPS, with a default of HTTP. For Network Load Balancers, valid values are TCP, TLS, UDP, and TCP_UDP. Not valid to use UDP or TCP_UDP if dual-stack mode is enabled. Not valid for Gateway Load Balancers.

    sslPolicy string

    Name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

    tags {[key: string]: string}

    A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    NOTE:: Please note that listeners that are attached to Application Load Balancers must use either HTTP or HTTPS protocols while listeners that are attached to Network Load Balancers must use the TCP protocol.

    tagsAll {[key: string]: string}

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    alpn_policy str

    Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocol is TLS. Valid values are HTTP1Only, HTTP2Only, HTTP2Optional, HTTP2Preferred, and None.

    arn str

    ARN of the target group.

    The following arguments are optional:

    certificate_arn str

    ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificate resource.

    default_actions Sequence[ListenerDefaultActionArgs]

    Configuration block for default actions. Detailed below.

    load_balancer_arn str

    ARN of the load balancer.

    The following arguments are optional:

    port int

    Port on which the load balancer is listening. Not valid for Gateway Load Balancers.

    protocol str

    Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTP and HTTPS, with a default of HTTP. For Network Load Balancers, valid values are TCP, TLS, UDP, and TCP_UDP. Not valid to use UDP or TCP_UDP if dual-stack mode is enabled. Not valid for Gateway Load Balancers.

    ssl_policy str

    Name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

    tags Mapping[str, str]

    A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    NOTE:: Please note that listeners that are attached to Application Load Balancers must use either HTTP or HTTPS protocols while listeners that are attached to Network Load Balancers must use the TCP protocol.

    tags_all Mapping[str, str]

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    alpnPolicy String

    Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocol is TLS. Valid values are HTTP1Only, HTTP2Only, HTTP2Optional, HTTP2Preferred, and None.

    arn String

    ARN of the target group.

    The following arguments are optional:

    certificateArn String

    ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificate resource.

    defaultActions List<Property Map>

    Configuration block for default actions. Detailed below.

    loadBalancerArn String

    ARN of the load balancer.

    The following arguments are optional:

    port Number

    Port on which the load balancer is listening. Not valid for Gateway Load Balancers.

    protocol String

    Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTP and HTTPS, with a default of HTTP. For Network Load Balancers, valid values are TCP, TLS, UDP, and TCP_UDP. Not valid to use UDP or TCP_UDP if dual-stack mode is enabled. Not valid for Gateway Load Balancers.

    sslPolicy String

    Name of the SSL Policy for the listener. Required if protocol is HTTPS or TLS.

    tags Map<String>

    A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    NOTE:: Please note that listeners that are attached to Application Load Balancers must use either HTTP or HTTPS protocols while listeners that are attached to Network Load Balancers must use the TCP protocol.

    tagsAll Map<String>

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Supporting Types

    ListenerDefaultAction, ListenerDefaultActionArgs

    Type string

    Type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

    The following arguments are optional:

    AuthenticateCognito ListenerDefaultActionAuthenticateCognito

    Configuration block for using Amazon Cognito to authenticate users. Specify only when type is authenticate-cognito. Detailed below.

    AuthenticateOidc ListenerDefaultActionAuthenticateOidc

    Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when type is authenticate-oidc. Detailed below.

    FixedResponse ListenerDefaultActionFixedResponse

    Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

    Forward ListenerDefaultActionForward

    Configuration block for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn. Detailed below.

    Order int

    Order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. Valid values are between 1 and 50000.

    Redirect ListenerDefaultActionRedirect

    Configuration block for creating a redirect action. Required if type is redirect. Detailed below.

    TargetGroupArn string

    ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

    Type string

    Type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

    The following arguments are optional:

    AuthenticateCognito ListenerDefaultActionAuthenticateCognito

    Configuration block for using Amazon Cognito to authenticate users. Specify only when type is authenticate-cognito. Detailed below.

    AuthenticateOidc ListenerDefaultActionAuthenticateOidc

    Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when type is authenticate-oidc. Detailed below.

    FixedResponse ListenerDefaultActionFixedResponse

    Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

    Forward ListenerDefaultActionForward

    Configuration block for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn. Detailed below.

    Order int

    Order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. Valid values are between 1 and 50000.

    Redirect ListenerDefaultActionRedirect

    Configuration block for creating a redirect action. Required if type is redirect. Detailed below.

    TargetGroupArn string

    ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

    type String

    Type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

    The following arguments are optional:

    authenticateCognito ListenerDefaultActionAuthenticateCognito

    Configuration block for using Amazon Cognito to authenticate users. Specify only when type is authenticate-cognito. Detailed below.

    authenticateOidc ListenerDefaultActionAuthenticateOidc

    Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when type is authenticate-oidc. Detailed below.

    fixedResponse ListenerDefaultActionFixedResponse

    Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

    forward ListenerDefaultActionForward

    Configuration block for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn. Detailed below.

    order Integer

    Order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. Valid values are between 1 and 50000.

    redirect ListenerDefaultActionRedirect

    Configuration block for creating a redirect action. Required if type is redirect. Detailed below.

    targetGroupArn String

    ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

    type string

    Type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

    The following arguments are optional:

    authenticateCognito ListenerDefaultActionAuthenticateCognito

    Configuration block for using Amazon Cognito to authenticate users. Specify only when type is authenticate-cognito. Detailed below.

    authenticateOidc ListenerDefaultActionAuthenticateOidc

    Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when type is authenticate-oidc. Detailed below.

    fixedResponse ListenerDefaultActionFixedResponse

    Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

    forward ListenerDefaultActionForward

    Configuration block for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn. Detailed below.

    order number

    Order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. Valid values are between 1 and 50000.

    redirect ListenerDefaultActionRedirect

    Configuration block for creating a redirect action. Required if type is redirect. Detailed below.

    targetGroupArn string

    ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

    type str

    Type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

    The following arguments are optional:

    authenticate_cognito ListenerDefaultActionAuthenticateCognito

    Configuration block for using Amazon Cognito to authenticate users. Specify only when type is authenticate-cognito. Detailed below.

    authenticate_oidc ListenerDefaultActionAuthenticateOidc

    Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when type is authenticate-oidc. Detailed below.

    fixed_response ListenerDefaultActionFixedResponse

    Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

    forward ListenerDefaultActionForward

    Configuration block for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn. Detailed below.

    order int

    Order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. Valid values are between 1 and 50000.

    redirect ListenerDefaultActionRedirect

    Configuration block for creating a redirect action. Required if type is redirect. Detailed below.

    target_group_arn str

    ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

    type String

    Type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

    The following arguments are optional:

    authenticateCognito Property Map

    Configuration block for using Amazon Cognito to authenticate users. Specify only when type is authenticate-cognito. Detailed below.

    authenticateOidc Property Map

    Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when type is authenticate-oidc. Detailed below.

    fixedResponse Property Map

    Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

    forward Property Map

    Configuration block for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn. Detailed below.

    order Number

    Order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. Valid values are between 1 and 50000.

    redirect Property Map

    Configuration block for creating a redirect action. Required if type is redirect. Detailed below.

    targetGroupArn String

    ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

    ListenerDefaultActionAuthenticateCognito, ListenerDefaultActionAuthenticateCognitoArgs

    UserPoolArn string

    ARN of the Cognito user pool.

    UserPoolClientId string

    ID of the Cognito user pool client.

    UserPoolDomain string

    Domain prefix or fully-qualified domain name of the Cognito user pool.

    The following arguments are optional:

    AuthenticationRequestExtraParams Dictionary<string, string>

    Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.

    OnUnauthenticatedRequest string

    Behavior if the user is not authenticated. Valid values are deny, allow and authenticate.

    Scope string

    Set of user claims to be requested from the IdP.

    SessionCookieName string

    Name of the cookie used to maintain session information.

    SessionTimeout int

    Maximum duration of the authentication session, in seconds.

    UserPoolArn string

    ARN of the Cognito user pool.

    UserPoolClientId string

    ID of the Cognito user pool client.

    UserPoolDomain string

    Domain prefix or fully-qualified domain name of the Cognito user pool.

    The following arguments are optional:

    AuthenticationRequestExtraParams map[string]string

    Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.

    OnUnauthenticatedRequest string

    Behavior if the user is not authenticated. Valid values are deny, allow and authenticate.

    Scope string

    Set of user claims to be requested from the IdP.

    SessionCookieName string

    Name of the cookie used to maintain session information.

    SessionTimeout int

    Maximum duration of the authentication session, in seconds.

    userPoolArn String

    ARN of the Cognito user pool.

    userPoolClientId String

    ID of the Cognito user pool client.

    userPoolDomain String

    Domain prefix or fully-qualified domain name of the Cognito user pool.

    The following arguments are optional:

    authenticationRequestExtraParams Map<String,String>

    Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.

    onUnauthenticatedRequest String

    Behavior if the user is not authenticated. Valid values are deny, allow and authenticate.

    scope String

    Set of user claims to be requested from the IdP.

    sessionCookieName String

    Name of the cookie used to maintain session information.

    sessionTimeout Integer

    Maximum duration of the authentication session, in seconds.

    userPoolArn string

    ARN of the Cognito user pool.

    userPoolClientId string

    ID of the Cognito user pool client.

    userPoolDomain string

    Domain prefix or fully-qualified domain name of the Cognito user pool.

    The following arguments are optional:

    authenticationRequestExtraParams {[key: string]: string}

    Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.

    onUnauthenticatedRequest string

    Behavior if the user is not authenticated. Valid values are deny, allow and authenticate.

    scope string

    Set of user claims to be requested from the IdP.

    sessionCookieName string

    Name of the cookie used to maintain session information.

    sessionTimeout number

    Maximum duration of the authentication session, in seconds.

    user_pool_arn str

    ARN of the Cognito user pool.

    user_pool_client_id str

    ID of the Cognito user pool client.

    user_pool_domain str

    Domain prefix or fully-qualified domain name of the Cognito user pool.

    The following arguments are optional:

    authentication_request_extra_params Mapping[str, str]

    Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.

    on_unauthenticated_request str

    Behavior if the user is not authenticated. Valid values are deny, allow and authenticate.

    scope str

    Set of user claims to be requested from the IdP.

    session_cookie_name str

    Name of the cookie used to maintain session information.

    session_timeout int

    Maximum duration of the authentication session, in seconds.

    userPoolArn String

    ARN of the Cognito user pool.

    userPoolClientId String

    ID of the Cognito user pool client.

    userPoolDomain String

    Domain prefix or fully-qualified domain name of the Cognito user pool.

    The following arguments are optional:

    authenticationRequestExtraParams Map<String>

    Query parameters to include in the redirect request to the authorization endpoint. Max: 10. Detailed below.

    onUnauthenticatedRequest String

    Behavior if the user is not authenticated. Valid values are deny, allow and authenticate.

    scope String

    Set of user claims to be requested from the IdP.

    sessionCookieName String

    Name of the cookie used to maintain session information.

    sessionTimeout Number

    Maximum duration of the authentication session, in seconds.

    ListenerDefaultActionAuthenticateOidc, ListenerDefaultActionAuthenticateOidcArgs

    AuthorizationEndpoint string

    Authorization endpoint of the IdP.

    ClientId string

    OAuth 2.0 client identifier.

    ClientSecret string

    OAuth 2.0 client secret.

    Issuer string

    OIDC issuer identifier of the IdP.

    TokenEndpoint string

    Token endpoint of the IdP.

    UserInfoEndpoint string

    User info endpoint of the IdP.

    The following arguments are optional:

    AuthenticationRequestExtraParams Dictionary<string, string>

    Query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    OnUnauthenticatedRequest string

    Behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    Scope string

    Set of user claims to be requested from the IdP.

    SessionCookieName string

    Name of the cookie used to maintain session information.

    SessionTimeout int

    Maximum duration of the authentication session, in seconds.

    AuthorizationEndpoint string

    Authorization endpoint of the IdP.

    ClientId string

    OAuth 2.0 client identifier.

    ClientSecret string

    OAuth 2.0 client secret.

    Issuer string

    OIDC issuer identifier of the IdP.

    TokenEndpoint string

    Token endpoint of the IdP.

    UserInfoEndpoint string

    User info endpoint of the IdP.

    The following arguments are optional:

    AuthenticationRequestExtraParams map[string]string

    Query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    OnUnauthenticatedRequest string

    Behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    Scope string

    Set of user claims to be requested from the IdP.

    SessionCookieName string

    Name of the cookie used to maintain session information.

    SessionTimeout int

    Maximum duration of the authentication session, in seconds.

    authorizationEndpoint String

    Authorization endpoint of the IdP.

    clientId String

    OAuth 2.0 client identifier.

    clientSecret String

    OAuth 2.0 client secret.

    issuer String

    OIDC issuer identifier of the IdP.

    tokenEndpoint String

    Token endpoint of the IdP.

    userInfoEndpoint String

    User info endpoint of the IdP.

    The following arguments are optional:

    authenticationRequestExtraParams Map<String,String>

    Query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    onUnauthenticatedRequest String

    Behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    scope String

    Set of user claims to be requested from the IdP.

    sessionCookieName String

    Name of the cookie used to maintain session information.

    sessionTimeout Integer

    Maximum duration of the authentication session, in seconds.

    authorizationEndpoint string

    Authorization endpoint of the IdP.

    clientId string

    OAuth 2.0 client identifier.

    clientSecret string

    OAuth 2.0 client secret.

    issuer string

    OIDC issuer identifier of the IdP.

    tokenEndpoint string

    Token endpoint of the IdP.

    userInfoEndpoint string

    User info endpoint of the IdP.

    The following arguments are optional:

    authenticationRequestExtraParams {[key: string]: string}

    Query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    onUnauthenticatedRequest string

    Behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    scope string

    Set of user claims to be requested from the IdP.

    sessionCookieName string

    Name of the cookie used to maintain session information.

    sessionTimeout number

    Maximum duration of the authentication session, in seconds.

    authorization_endpoint str

    Authorization endpoint of the IdP.

    client_id str

    OAuth 2.0 client identifier.

    client_secret str

    OAuth 2.0 client secret.

    issuer str

    OIDC issuer identifier of the IdP.

    token_endpoint str

    Token endpoint of the IdP.

    user_info_endpoint str

    User info endpoint of the IdP.

    The following arguments are optional:

    authentication_request_extra_params Mapping[str, str]

    Query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    on_unauthenticated_request str

    Behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    scope str

    Set of user claims to be requested from the IdP.

    session_cookie_name str

    Name of the cookie used to maintain session information.

    session_timeout int

    Maximum duration of the authentication session, in seconds.

    authorizationEndpoint String

    Authorization endpoint of the IdP.

    clientId String

    OAuth 2.0 client identifier.

    clientSecret String

    OAuth 2.0 client secret.

    issuer String

    OIDC issuer identifier of the IdP.

    tokenEndpoint String

    Token endpoint of the IdP.

    userInfoEndpoint String

    User info endpoint of the IdP.

    The following arguments are optional:

    authenticationRequestExtraParams Map<String>

    Query parameters to include in the redirect request to the authorization endpoint. Max: 10.

    onUnauthenticatedRequest String

    Behavior if the user is not authenticated. Valid values: deny, allow and authenticate

    scope String

    Set of user claims to be requested from the IdP.

    sessionCookieName String

    Name of the cookie used to maintain session information.

    sessionTimeout Number

    Maximum duration of the authentication session, in seconds.

    ListenerDefaultActionFixedResponse, ListenerDefaultActionFixedResponseArgs

    ContentType string

    Content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

    The following arguments are optional:

    MessageBody string

    Message body.

    StatusCode string

    HTTP response code. Valid values are 2XX, 4XX, or 5XX.

    ContentType string

    Content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

    The following arguments are optional:

    MessageBody string

    Message body.

    StatusCode string

    HTTP response code. Valid values are 2XX, 4XX, or 5XX.

    contentType String

    Content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

    The following arguments are optional:

    messageBody String

    Message body.

    statusCode String

    HTTP response code. Valid values are 2XX, 4XX, or 5XX.

    contentType string

    Content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

    The following arguments are optional:

    messageBody string

    Message body.

    statusCode string

    HTTP response code. Valid values are 2XX, 4XX, or 5XX.

    content_type str

    Content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

    The following arguments are optional:

    message_body str

    Message body.

    status_code str

    HTTP response code. Valid values are 2XX, 4XX, or 5XX.

    contentType String

    Content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

    The following arguments are optional:

    messageBody String

    Message body.

    statusCode String

    HTTP response code. Valid values are 2XX, 4XX, or 5XX.

    ListenerDefaultActionForward, ListenerDefaultActionForwardArgs

    TargetGroups List<ListenerDefaultActionForwardTargetGroup>

    Set of 1-5 target group blocks. Detailed below.

    The following arguments are optional:

    Stickiness ListenerDefaultActionForwardStickiness

    Configuration block for target group stickiness for the rule. Detailed below.

    TargetGroups []ListenerDefaultActionForwardTargetGroup

    Set of 1-5 target group blocks. Detailed below.

    The following arguments are optional:

    Stickiness ListenerDefaultActionForwardStickiness

    Configuration block for target group stickiness for the rule. Detailed below.

    targetGroups List<ListenerDefaultActionForwardTargetGroup>

    Set of 1-5 target group blocks. Detailed below.

    The following arguments are optional:

    stickiness ListenerDefaultActionForwardStickiness

    Configuration block for target group stickiness for the rule. Detailed below.

    targetGroups ListenerDefaultActionForwardTargetGroup[]

    Set of 1-5 target group blocks. Detailed below.

    The following arguments are optional:

    stickiness ListenerDefaultActionForwardStickiness

    Configuration block for target group stickiness for the rule. Detailed below.

    target_groups Sequence[ListenerDefaultActionForwardTargetGroup]

    Set of 1-5 target group blocks. Detailed below.

    The following arguments are optional:

    stickiness ListenerDefaultActionForwardStickiness

    Configuration block for target group stickiness for the rule. Detailed below.

    targetGroups List<Property Map>

    Set of 1-5 target group blocks. Detailed below.

    The following arguments are optional:

    stickiness Property Map

    Configuration block for target group stickiness for the rule. Detailed below.

    ListenerDefaultActionForwardStickiness, ListenerDefaultActionForwardStickinessArgs

    Duration int

    Time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

    The following arguments are optional:

    Enabled bool

    Whether target group stickiness is enabled. Default is false.

    Duration int

    Time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

    The following arguments are optional:

    Enabled bool

    Whether target group stickiness is enabled. Default is false.

    duration Integer

    Time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

    The following arguments are optional:

    enabled Boolean

    Whether target group stickiness is enabled. Default is false.

    duration number

    Time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

    The following arguments are optional:

    enabled boolean

    Whether target group stickiness is enabled. Default is false.

    duration int

    Time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

    The following arguments are optional:

    enabled bool

    Whether target group stickiness is enabled. Default is false.

    duration Number

    Time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

    The following arguments are optional:

    enabled Boolean

    Whether target group stickiness is enabled. Default is false.

    ListenerDefaultActionForwardTargetGroup, ListenerDefaultActionForwardTargetGroupArgs

    Arn string

    ARN of the target group.

    The following arguments are optional:

    Weight int

    Weight. The range is 0 to 999.

    Arn string

    ARN of the target group.

    The following arguments are optional:

    Weight int

    Weight. The range is 0 to 999.

    arn String

    ARN of the target group.

    The following arguments are optional:

    weight Integer

    Weight. The range is 0 to 999.

    arn string

    ARN of the target group.

    The following arguments are optional:

    weight number

    Weight. The range is 0 to 999.

    arn str

    ARN of the target group.

    The following arguments are optional:

    weight int

    Weight. The range is 0 to 999.

    arn String

    ARN of the target group.

    The following arguments are optional:

    weight Number

    Weight. The range is 0 to 999.

    ListenerDefaultActionRedirect, ListenerDefaultActionRedirectArgs

    StatusCode string

    HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

    The following arguments are optional:

    Host string

    Hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

    Path string

    Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

    Port string

    Port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

    Protocol string

    Protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

    Query string

    Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to #{query}.

    StatusCode string

    HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

    The following arguments are optional:

    Host string

    Hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

    Path string

    Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

    Port string

    Port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

    Protocol string

    Protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

    Query string

    Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to #{query}.

    statusCode String

    HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

    The following arguments are optional:

    host String

    Hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

    path String

    Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

    port String

    Port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

    protocol String

    Protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

    query String

    Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to #{query}.

    statusCode string

    HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

    The following arguments are optional:

    host string

    Hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

    path string

    Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

    port string

    Port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

    protocol string

    Protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

    query string

    Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to #{query}.

    status_code str

    HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

    The following arguments are optional:

    host str

    Hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

    path str

    Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

    port str

    Port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

    protocol str

    Protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

    query str

    Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to #{query}.

    statusCode String

    HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

    The following arguments are optional:

    host String

    Hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

    path String

    Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

    port String

    Port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

    protocol String

    Protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

    query String

    Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to #{query}.

    Import

    Using pulumi import, import listeners using their ARN. For example:

     $ pulumi import aws:lb/listener:Listener front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener/app/front-end-alb/8e4497da625e2d8a/9ab28ade35828f96

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the aws Terraform Provider.

    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.2.0 published on Monday, Sep 18, 2023 by Pulumi
    pulumi/pulumi-aws