aws logo
AWS Classic v5.33.0, Mar 24 23

aws.lb.ListenerRule

Provides a Load Balancer Listener Rule resource.

Note: aws.alb.ListenerRule is known as aws.lb.ListenerRule. The functionality is identical.

Example Usage

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer");

    // ...
    var frontEndListener = new Aws.LB.Listener("frontEndListener");

    // Other parameters
    var @static = new Aws.LB.ListenerRule("static", new()
    {
        ListenerArn = frontEndListener.Arn,
        Priority = 100,
        Actions = new[]
        {
            new Aws.LB.Inputs.ListenerRuleActionArgs
            {
                Type = "forward",
                TargetGroupArn = aws_lb_target_group.Static.Arn,
            },
        },
        Conditions = new[]
        {
            new Aws.LB.Inputs.ListenerRuleConditionArgs
            {
                PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs
                {
                    Values = new[]
                    {
                        "/static/*",
                    },
                },
            },
            new Aws.LB.Inputs.ListenerRuleConditionArgs
            {
                HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs
                {
                    Values = new[]
                    {
                        "example.com",
                    },
                },
            },
        },
    });

    // Forward action
    var hostBasedWeightedRouting = new Aws.LB.ListenerRule("hostBasedWeightedRouting", new()
    {
        ListenerArn = frontEndListener.Arn,
        Priority = 99,
        Actions = new[]
        {
            new Aws.LB.Inputs.ListenerRuleActionArgs
            {
                Type = "forward",
                TargetGroupArn = aws_lb_target_group.Static.Arn,
            },
        },
        Conditions = new[]
        {
            new Aws.LB.Inputs.ListenerRuleConditionArgs
            {
                HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs
                {
                    Values = new[]
                    {
                        "my-service.*.mycompany.io",
                    },
                },
            },
        },
    });

    // Weighted Forward action
    var hostBasedRouting = new Aws.LB.ListenerRule("hostBasedRouting", new()
    {
        ListenerArn = frontEndListener.Arn,
        Priority = 99,
        Actions = new[]
        {
            new Aws.LB.Inputs.ListenerRuleActionArgs
            {
                Type = "forward",
                Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs
                {
                    TargetGroups = new[]
                    {
                        new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs
                        {
                            Arn = aws_lb_target_group.Main.Arn,
                            Weight = 80,
                        },
                        new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs
                        {
                            Arn = aws_lb_target_group.Canary.Arn,
                            Weight = 20,
                        },
                    },
                    Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs
                    {
                        Enabled = true,
                        Duration = 600,
                    },
                },
            },
        },
        Conditions = new[]
        {
            new Aws.LB.Inputs.ListenerRuleConditionArgs
            {
                HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs
                {
                    Values = new[]
                    {
                        "my-service.*.mycompany.io",
                    },
                },
            },
        },
    });

    // Redirect action
    var redirectHttpToHttps = new Aws.LB.ListenerRule("redirectHttpToHttps", new()
    {
        ListenerArn = frontEndListener.Arn,
        Actions = new[]
        {
            new Aws.LB.Inputs.ListenerRuleActionArgs
            {
                Type = "redirect",
                Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs
                {
                    Port = "443",
                    Protocol = "HTTPS",
                    StatusCode = "HTTP_301",
                },
            },
        },
        Conditions = new[]
        {
            new Aws.LB.Inputs.ListenerRuleConditionArgs
            {
                HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs
                {
                    HttpHeaderName = "X-Forwarded-For",
                    Values = new[]
                    {
                        "192.168.1.*",
                    },
                },
            },
        },
    });

    // Fixed-response action
    var healthCheck = new Aws.LB.ListenerRule("healthCheck", new()
    {
        ListenerArn = frontEndListener.Arn,
        Actions = new[]
        {
            new Aws.LB.Inputs.ListenerRuleActionArgs
            {
                Type = "fixed-response",
                FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs
                {
                    ContentType = "text/plain",
                    MessageBody = "HEALTHY",
                    StatusCode = "200",
                },
            },
        },
        Conditions = new[]
        {
            new Aws.LB.Inputs.ListenerRuleConditionArgs
            {
                QueryStrings = new[]
                {
                    new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs
                    {
                        Key = "health",
                        Value = "check",
                    },
                    new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs
                    {
                        Value = "bar",
                    },
                },
            },
        },
    });

    // Authenticate-cognito Action
    var pool = new Aws.Cognito.UserPool("pool");

    // ...
    var client = new Aws.Cognito.UserPoolClient("client");

    // ...
    var domain = new Aws.Cognito.UserPoolDomain("domain");

    // ...
    var admin = new Aws.LB.ListenerRule("admin", new()
    {
        ListenerArn = frontEndListener.Arn,
        Actions = new[]
        {
            new Aws.LB.Inputs.ListenerRuleActionArgs
            {
                Type = "authenticate-cognito",
                AuthenticateCognito = new Aws.LB.Inputs.ListenerRuleActionAuthenticateCognitoArgs
                {
                    UserPoolArn = pool.Arn,
                    UserPoolClientId = client.Id,
                    UserPoolDomain = domain.Domain,
                },
            },
            new Aws.LB.Inputs.ListenerRuleActionArgs
            {
                Type = "forward",
                TargetGroupArn = aws_lb_target_group.Static.Arn,
            },
        },
    });

    // Authenticate-oidc Action
    var oidc = new Aws.LB.ListenerRule("oidc", new()
    {
        ListenerArn = frontEndListener.Arn,
        Actions = new[]
        {
            new Aws.LB.Inputs.ListenerRuleActionArgs
            {
                Type = "authenticate-oidc",
                AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs
                {
                    AuthorizationEndpoint = "https://example.com/authorization_endpoint",
                    ClientId = "client_id",
                    ClientSecret = "client_secret",
                    Issuer = "https://example.com",
                    TokenEndpoint = "https://example.com/token_endpoint",
                    UserInfoEndpoint = "https://example.com/user_info_endpoint",
                },
            },
            new Aws.LB.Inputs.ListenerRuleActionArgs
            {
                Type = "forward",
                TargetGroupArn = aws_lb_target_group.Static.Arn,
            },
        },
    });

});
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cognito"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lb"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := lb.NewLoadBalancer(ctx, "frontEndLoadBalancer", nil)
		if err != nil {
			return err
		}
		frontEndListener, err := lb.NewListener(ctx, "frontEndListener", nil)
		if err != nil {
			return err
		}
		_, err = lb.NewListenerRule(ctx, "static", &lb.ListenerRuleArgs{
			ListenerArn: frontEndListener.Arn,
			Priority:    pulumi.Int(100),
			Actions: lb.ListenerRuleActionArray{
				&lb.ListenerRuleActionArgs{
					Type:           pulumi.String("forward"),
					TargetGroupArn: pulumi.Any(aws_lb_target_group.Static.Arn),
				},
			},
			Conditions: lb.ListenerRuleConditionArray{
				&lb.ListenerRuleConditionArgs{
					PathPattern: &lb.ListenerRuleConditionPathPatternArgs{
						Values: pulumi.StringArray{
							pulumi.String("/static/*"),
						},
					},
				},
				&lb.ListenerRuleConditionArgs{
					HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{
						Values: pulumi.StringArray{
							pulumi.String("example.com"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = lb.NewListenerRule(ctx, "hostBasedWeightedRouting", &lb.ListenerRuleArgs{
			ListenerArn: frontEndListener.Arn,
			Priority:    pulumi.Int(99),
			Actions: lb.ListenerRuleActionArray{
				&lb.ListenerRuleActionArgs{
					Type:           pulumi.String("forward"),
					TargetGroupArn: pulumi.Any(aws_lb_target_group.Static.Arn),
				},
			},
			Conditions: lb.ListenerRuleConditionArray{
				&lb.ListenerRuleConditionArgs{
					HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{
						Values: pulumi.StringArray{
							pulumi.String("my-service.*.mycompany.io"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = lb.NewListenerRule(ctx, "hostBasedRouting", &lb.ListenerRuleArgs{
			ListenerArn: frontEndListener.Arn,
			Priority:    pulumi.Int(99),
			Actions: lb.ListenerRuleActionArray{
				&lb.ListenerRuleActionArgs{
					Type: pulumi.String("forward"),
					Forward: &lb.ListenerRuleActionForwardArgs{
						TargetGroups: lb.ListenerRuleActionForwardTargetGroupArray{
							&lb.ListenerRuleActionForwardTargetGroupArgs{
								Arn:    pulumi.Any(aws_lb_target_group.Main.Arn),
								Weight: pulumi.Int(80),
							},
							&lb.ListenerRuleActionForwardTargetGroupArgs{
								Arn:    pulumi.Any(aws_lb_target_group.Canary.Arn),
								Weight: pulumi.Int(20),
							},
						},
						Stickiness: &lb.ListenerRuleActionForwardStickinessArgs{
							Enabled:  pulumi.Bool(true),
							Duration: pulumi.Int(600),
						},
					},
				},
			},
			Conditions: lb.ListenerRuleConditionArray{
				&lb.ListenerRuleConditionArgs{
					HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{
						Values: pulumi.StringArray{
							pulumi.String("my-service.*.mycompany.io"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = lb.NewListenerRule(ctx, "redirectHttpToHttps", &lb.ListenerRuleArgs{
			ListenerArn: frontEndListener.Arn,
			Actions: lb.ListenerRuleActionArray{
				&lb.ListenerRuleActionArgs{
					Type: pulumi.String("redirect"),
					Redirect: &lb.ListenerRuleActionRedirectArgs{
						Port:       pulumi.String("443"),
						Protocol:   pulumi.String("HTTPS"),
						StatusCode: pulumi.String("HTTP_301"),
					},
				},
			},
			Conditions: lb.ListenerRuleConditionArray{
				&lb.ListenerRuleConditionArgs{
					HttpHeader: &lb.ListenerRuleConditionHttpHeaderArgs{
						HttpHeaderName: pulumi.String("X-Forwarded-For"),
						Values: pulumi.StringArray{
							pulumi.String("192.168.1.*"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = lb.NewListenerRule(ctx, "healthCheck", &lb.ListenerRuleArgs{
			ListenerArn: frontEndListener.Arn,
			Actions: lb.ListenerRuleActionArray{
				&lb.ListenerRuleActionArgs{
					Type: pulumi.String("fixed-response"),
					FixedResponse: &lb.ListenerRuleActionFixedResponseArgs{
						ContentType: pulumi.String("text/plain"),
						MessageBody: pulumi.String("HEALTHY"),
						StatusCode:  pulumi.String("200"),
					},
				},
			},
			Conditions: lb.ListenerRuleConditionArray{
				&lb.ListenerRuleConditionArgs{
					QueryStrings: lb.ListenerRuleConditionQueryStringArray{
						&lb.ListenerRuleConditionQueryStringArgs{
							Key:   pulumi.String("health"),
							Value: pulumi.String("check"),
						},
						&lb.ListenerRuleConditionQueryStringArgs{
							Value: pulumi.String("bar"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		pool, err := cognito.NewUserPool(ctx, "pool", nil)
		if err != nil {
			return err
		}
		client, err := cognito.NewUserPoolClient(ctx, "client", nil)
		if err != nil {
			return err
		}
		domain, err := cognito.NewUserPoolDomain(ctx, "domain", nil)
		if err != nil {
			return err
		}
		_, err = lb.NewListenerRule(ctx, "admin", &lb.ListenerRuleArgs{
			ListenerArn: frontEndListener.Arn,
			Actions: lb.ListenerRuleActionArray{
				&lb.ListenerRuleActionArgs{
					Type: pulumi.String("authenticate-cognito"),
					AuthenticateCognito: &lb.ListenerRuleActionAuthenticateCognitoArgs{
						UserPoolArn:      pool.Arn,
						UserPoolClientId: client.ID(),
						UserPoolDomain:   domain.Domain,
					},
				},
				&lb.ListenerRuleActionArgs{
					Type:           pulumi.String("forward"),
					TargetGroupArn: pulumi.Any(aws_lb_target_group.Static.Arn),
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = lb.NewListenerRule(ctx, "oidc", &lb.ListenerRuleArgs{
			ListenerArn: frontEndListener.Arn,
			Actions: lb.ListenerRuleActionArray{
				&lb.ListenerRuleActionArgs{
					Type: pulumi.String("authenticate-oidc"),
					AuthenticateOidc: &lb.ListenerRuleActionAuthenticateOidcArgs{
						AuthorizationEndpoint: pulumi.String("https://example.com/authorization_endpoint"),
						ClientId:              pulumi.String("client_id"),
						ClientSecret:          pulumi.String("client_secret"),
						Issuer:                pulumi.String("https://example.com"),
						TokenEndpoint:         pulumi.String("https://example.com/token_endpoint"),
						UserInfoEndpoint:      pulumi.String("https://example.com/user_info_endpoint"),
					},
				},
				&lb.ListenerRuleActionArgs{
					Type:           pulumi.String("forward"),
					TargetGroupArn: pulumi.Any(aws_lb_target_group.Static.Arn),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerRule;
import com.pulumi.aws.lb.ListenerRuleArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleConditionArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleConditionPathPatternArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleConditionHostHeaderArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionForwardArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionForwardStickinessArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionRedirectArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleConditionHttpHeaderArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionFixedResponseArgs;
import com.pulumi.aws.cognito.UserPool;
import com.pulumi.aws.cognito.UserPoolClient;
import com.pulumi.aws.cognito.UserPoolDomain;
import com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateCognitoArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateOidcArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var frontEndLoadBalancer = new LoadBalancer("frontEndLoadBalancer");

        var frontEndListener = new Listener("frontEndListener");

        var static_ = new ListenerRule("static", ListenerRuleArgs.builder()        
            .listenerArn(frontEndListener.arn())
            .priority(100)
            .actions(ListenerRuleActionArgs.builder()
                .type("forward")
                .targetGroupArn(aws_lb_target_group.static().arn())
                .build())
            .conditions(            
                ListenerRuleConditionArgs.builder()
                    .pathPattern(ListenerRuleConditionPathPatternArgs.builder()
                        .values("/static/*")
                        .build())
                    .build(),
                ListenerRuleConditionArgs.builder()
                    .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
                        .values("example.com")
                        .build())
                    .build())
            .build());

        var hostBasedWeightedRouting = new ListenerRule("hostBasedWeightedRouting", ListenerRuleArgs.builder()        
            .listenerArn(frontEndListener.arn())
            .priority(99)
            .actions(ListenerRuleActionArgs.builder()
                .type("forward")
                .targetGroupArn(aws_lb_target_group.static().arn())
                .build())
            .conditions(ListenerRuleConditionArgs.builder()
                .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
                    .values("my-service.*.mycompany.io")
                    .build())
                .build())
            .build());

        var hostBasedRouting = new ListenerRule("hostBasedRouting", ListenerRuleArgs.builder()        
            .listenerArn(frontEndListener.arn())
            .priority(99)
            .actions(ListenerRuleActionArgs.builder()
                .type("forward")
                .forward(ListenerRuleActionForwardArgs.builder()
                    .targetGroups(                    
                        ListenerRuleActionForwardTargetGroupArgs.builder()
                            .arn(aws_lb_target_group.main().arn())
                            .weight(80)
                            .build(),
                        ListenerRuleActionForwardTargetGroupArgs.builder()
                            .arn(aws_lb_target_group.canary().arn())
                            .weight(20)
                            .build())
                    .stickiness(ListenerRuleActionForwardStickinessArgs.builder()
                        .enabled(true)
                        .duration(600)
                        .build())
                    .build())
                .build())
            .conditions(ListenerRuleConditionArgs.builder()
                .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
                    .values("my-service.*.mycompany.io")
                    .build())
                .build())
            .build());

        var redirectHttpToHttps = new ListenerRule("redirectHttpToHttps", ListenerRuleArgs.builder()        
            .listenerArn(frontEndListener.arn())
            .actions(ListenerRuleActionArgs.builder()
                .type("redirect")
                .redirect(ListenerRuleActionRedirectArgs.builder()
                    .port("443")
                    .protocol("HTTPS")
                    .statusCode("HTTP_301")
                    .build())
                .build())
            .conditions(ListenerRuleConditionArgs.builder()
                .httpHeader(ListenerRuleConditionHttpHeaderArgs.builder()
                    .httpHeaderName("X-Forwarded-For")
                    .values("192.168.1.*")
                    .build())
                .build())
            .build());

        var healthCheck = new ListenerRule("healthCheck", ListenerRuleArgs.builder()        
            .listenerArn(frontEndListener.arn())
            .actions(ListenerRuleActionArgs.builder()
                .type("fixed-response")
                .fixedResponse(ListenerRuleActionFixedResponseArgs.builder()
                    .contentType("text/plain")
                    .messageBody("HEALTHY")
                    .statusCode("200")
                    .build())
                .build())
            .conditions(ListenerRuleConditionArgs.builder()
                .queryStrings(                
                    ListenerRuleConditionQueryStringArgs.builder()
                        .key("health")
                        .value("check")
                        .build(),
                    ListenerRuleConditionQueryStringArgs.builder()
                        .value("bar")
                        .build())
                .build())
            .build());

        var pool = new UserPool("pool");

        var client = new UserPoolClient("client");

        var domain = new UserPoolDomain("domain");

        var admin = new ListenerRule("admin", ListenerRuleArgs.builder()        
            .listenerArn(frontEndListener.arn())
            .actions(            
                ListenerRuleActionArgs.builder()
                    .type("authenticate-cognito")
                    .authenticateCognito(ListenerRuleActionAuthenticateCognitoArgs.builder()
                        .userPoolArn(pool.arn())
                        .userPoolClientId(client.id())
                        .userPoolDomain(domain.domain())
                        .build())
                    .build(),
                ListenerRuleActionArgs.builder()
                    .type("forward")
                    .targetGroupArn(aws_lb_target_group.static().arn())
                    .build())
            .build());

        var oidc = new ListenerRule("oidc", ListenerRuleArgs.builder()        
            .listenerArn(frontEndListener.arn())
            .actions(            
                ListenerRuleActionArgs.builder()
                    .type("authenticate-oidc")
                    .authenticateOidc(ListenerRuleActionAuthenticateOidcArgs.builder()
                        .authorizationEndpoint("https://example.com/authorization_endpoint")
                        .clientId("client_id")
                        .clientSecret("client_secret")
                        .issuer("https://example.com")
                        .tokenEndpoint("https://example.com/token_endpoint")
                        .userInfoEndpoint("https://example.com/user_info_endpoint")
                        .build())
                    .build(),
                ListenerRuleActionArgs.builder()
                    .type("forward")
                    .targetGroupArn(aws_lb_target_group.static().arn())
                    .build())
            .build());

    }
}
import pulumi
import pulumi_aws as aws

front_end_load_balancer = aws.lb.LoadBalancer("frontEndLoadBalancer")
# ...
front_end_listener = aws.lb.Listener("frontEndListener")
# Other parameters
static = aws.lb.ListenerRule("static",
    listener_arn=front_end_listener.arn,
    priority=100,
    actions=[aws.lb.ListenerRuleActionArgs(
        type="forward",
        target_group_arn=aws_lb_target_group["static"]["arn"],
    )],
    conditions=[
        aws.lb.ListenerRuleConditionArgs(
            path_pattern=aws.lb.ListenerRuleConditionPathPatternArgs(
                values=["/static/*"],
            ),
        ),
        aws.lb.ListenerRuleConditionArgs(
            host_header=aws.lb.ListenerRuleConditionHostHeaderArgs(
                values=["example.com"],
            ),
        ),
    ])
# Forward action
host_based_weighted_routing = aws.lb.ListenerRule("hostBasedWeightedRouting",
    listener_arn=front_end_listener.arn,
    priority=99,
    actions=[aws.lb.ListenerRuleActionArgs(
        type="forward",
        target_group_arn=aws_lb_target_group["static"]["arn"],
    )],
    conditions=[aws.lb.ListenerRuleConditionArgs(
        host_header=aws.lb.ListenerRuleConditionHostHeaderArgs(
            values=["my-service.*.mycompany.io"],
        ),
    )])
# Weighted Forward action
host_based_routing = aws.lb.ListenerRule("hostBasedRouting",
    listener_arn=front_end_listener.arn,
    priority=99,
    actions=[aws.lb.ListenerRuleActionArgs(
        type="forward",
        forward=aws.lb.ListenerRuleActionForwardArgs(
            target_groups=[
                aws.lb.ListenerRuleActionForwardTargetGroupArgs(
                    arn=aws_lb_target_group["main"]["arn"],
                    weight=80,
                ),
                aws.lb.ListenerRuleActionForwardTargetGroupArgs(
                    arn=aws_lb_target_group["canary"]["arn"],
                    weight=20,
                ),
            ],
            stickiness=aws.lb.ListenerRuleActionForwardStickinessArgs(
                enabled=True,
                duration=600,
            ),
        ),
    )],
    conditions=[aws.lb.ListenerRuleConditionArgs(
        host_header=aws.lb.ListenerRuleConditionHostHeaderArgs(
            values=["my-service.*.mycompany.io"],
        ),
    )])
# Redirect action
redirect_http_to_https = aws.lb.ListenerRule("redirectHttpToHttps",
    listener_arn=front_end_listener.arn,
    actions=[aws.lb.ListenerRuleActionArgs(
        type="redirect",
        redirect=aws.lb.ListenerRuleActionRedirectArgs(
            port="443",
            protocol="HTTPS",
            status_code="HTTP_301",
        ),
    )],
    conditions=[aws.lb.ListenerRuleConditionArgs(
        http_header=aws.lb.ListenerRuleConditionHttpHeaderArgs(
            http_header_name="X-Forwarded-For",
            values=["192.168.1.*"],
        ),
    )])
# Fixed-response action
health_check = aws.lb.ListenerRule("healthCheck",
    listener_arn=front_end_listener.arn,
    actions=[aws.lb.ListenerRuleActionArgs(
        type="fixed-response",
        fixed_response=aws.lb.ListenerRuleActionFixedResponseArgs(
            content_type="text/plain",
            message_body="HEALTHY",
            status_code="200",
        ),
    )],
    conditions=[aws.lb.ListenerRuleConditionArgs(
        query_strings=[
            aws.lb.ListenerRuleConditionQueryStringArgs(
                key="health",
                value="check",
            ),
            aws.lb.ListenerRuleConditionQueryStringArgs(
                value="bar",
            ),
        ],
    )])
# Authenticate-cognito Action
pool = aws.cognito.UserPool("pool")
# ...
client = aws.cognito.UserPoolClient("client")
# ...
domain = aws.cognito.UserPoolDomain("domain")
# ...
admin = aws.lb.ListenerRule("admin",
    listener_arn=front_end_listener.arn,
    actions=[
        aws.lb.ListenerRuleActionArgs(
            type="authenticate-cognito",
            authenticate_cognito=aws.lb.ListenerRuleActionAuthenticateCognitoArgs(
                user_pool_arn=pool.arn,
                user_pool_client_id=client.id,
                user_pool_domain=domain.domain,
            ),
        ),
        aws.lb.ListenerRuleActionArgs(
            type="forward",
            target_group_arn=aws_lb_target_group["static"]["arn"],
        ),
    ])
# Authenticate-oidc Action
oidc = aws.lb.ListenerRule("oidc",
    listener_arn=front_end_listener.arn,
    actions=[
        aws.lb.ListenerRuleActionArgs(
            type="authenticate-oidc",
            authenticate_oidc=aws.lb.ListenerRuleActionAuthenticateOidcArgs(
                authorization_endpoint="https://example.com/authorization_endpoint",
                client_id="client_id",
                client_secret="client_secret",
                issuer="https://example.com",
                token_endpoint="https://example.com/token_endpoint",
                user_info_endpoint="https://example.com/user_info_endpoint",
            ),
        ),
        aws.lb.ListenerRuleActionArgs(
            type="forward",
            target_group_arn=aws_lb_target_group["static"]["arn"],
        ),
    ])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const frontEndLoadBalancer = new aws.lb.LoadBalancer("frontEndLoadBalancer", {});
// ...
const frontEndListener = new aws.lb.Listener("frontEndListener", {});
// Other parameters
const static = new aws.lb.ListenerRule("static", {
    listenerArn: frontEndListener.arn,
    priority: 100,
    actions: [{
        type: "forward",
        targetGroupArn: aws_lb_target_group.static.arn,
    }],
    conditions: [
        {
            pathPattern: {
                values: ["/static/*"],
            },
        },
        {
            hostHeader: {
                values: ["example.com"],
            },
        },
    ],
});
// Forward action
const hostBasedWeightedRouting = new aws.lb.ListenerRule("hostBasedWeightedRouting", {
    listenerArn: frontEndListener.arn,
    priority: 99,
    actions: [{
        type: "forward",
        targetGroupArn: aws_lb_target_group.static.arn,
    }],
    conditions: [{
        hostHeader: {
            values: ["my-service.*.mycompany.io"],
        },
    }],
});
// Weighted Forward action
const hostBasedRouting = new aws.lb.ListenerRule("hostBasedRouting", {
    listenerArn: frontEndListener.arn,
    priority: 99,
    actions: [{
        type: "forward",
        forward: {
            targetGroups: [
                {
                    arn: aws_lb_target_group.main.arn,
                    weight: 80,
                },
                {
                    arn: aws_lb_target_group.canary.arn,
                    weight: 20,
                },
            ],
            stickiness: {
                enabled: true,
                duration: 600,
            },
        },
    }],
    conditions: [{
        hostHeader: {
            values: ["my-service.*.mycompany.io"],
        },
    }],
});
// Redirect action
const redirectHttpToHttps = new aws.lb.ListenerRule("redirectHttpToHttps", {
    listenerArn: frontEndListener.arn,
    actions: [{
        type: "redirect",
        redirect: {
            port: "443",
            protocol: "HTTPS",
            statusCode: "HTTP_301",
        },
    }],
    conditions: [{
        httpHeader: {
            httpHeaderName: "X-Forwarded-For",
            values: ["192.168.1.*"],
        },
    }],
});
// Fixed-response action
const healthCheck = new aws.lb.ListenerRule("healthCheck", {
    listenerArn: frontEndListener.arn,
    actions: [{
        type: "fixed-response",
        fixedResponse: {
            contentType: "text/plain",
            messageBody: "HEALTHY",
            statusCode: "200",
        },
    }],
    conditions: [{
        queryStrings: [
            {
                key: "health",
                value: "check",
            },
            {
                value: "bar",
            },
        ],
    }],
});
// Authenticate-cognito Action
const pool = new aws.cognito.UserPool("pool", {});
// ...
const client = new aws.cognito.UserPoolClient("client", {});
// ...
const domain = new aws.cognito.UserPoolDomain("domain", {});
// ...
const admin = new aws.lb.ListenerRule("admin", {
    listenerArn: frontEndListener.arn,
    actions: [
        {
            type: "authenticate-cognito",
            authenticateCognito: {
                userPoolArn: pool.arn,
                userPoolClientId: client.id,
                userPoolDomain: domain.domain,
            },
        },
        {
            type: "forward",
            targetGroupArn: aws_lb_target_group.static.arn,
        },
    ],
});
// Authenticate-oidc Action
const oidc = new aws.lb.ListenerRule("oidc", {
    listenerArn: frontEndListener.arn,
    actions: [
        {
            type: "authenticate-oidc",
            authenticateOidc: {
                authorizationEndpoint: "https://example.com/authorization_endpoint",
                clientId: "client_id",
                clientSecret: "client_secret",
                issuer: "https://example.com",
                tokenEndpoint: "https://example.com/token_endpoint",
                userInfoEndpoint: "https://example.com/user_info_endpoint",
            },
        },
        {
            type: "forward",
            targetGroupArn: aws_lb_target_group.static.arn,
        },
    ],
});
resources:
  frontEndLoadBalancer:
    type: aws:lb:LoadBalancer
  frontEndListener:
    type: aws:lb:Listener
  static: # Forward action
    type: aws:lb:ListenerRule
    properties:
      listenerArn: ${frontEndListener.arn}
      priority: 100
      actions:
        - type: forward
          targetGroupArn: ${aws_lb_target_group.static.arn}
      conditions:
        - pathPattern:
            values:
              - /static/*
        - hostHeader:
            values:
              - example.com
  hostBasedWeightedRouting: # Weighted Forward action
    type: aws:lb:ListenerRule
    properties:
      listenerArn: ${frontEndListener.arn}
      priority: 99
      actions:
        - type: forward
          targetGroupArn: ${aws_lb_target_group.static.arn}
      conditions:
        - hostHeader:
            values:
              - my-service.*.mycompany.io
  hostBasedRouting: # Redirect action
    type: aws:lb:ListenerRule
    properties:
      listenerArn: ${frontEndListener.arn}
      priority: 99
      actions:
        - type: forward
          forward:
            targetGroups:
              - arn: ${aws_lb_target_group.main.arn}
                weight: 80
              - arn: ${aws_lb_target_group.canary.arn}
                weight: 20
            stickiness:
              enabled: true
              duration: 600
      conditions:
        - hostHeader:
            values:
              - my-service.*.mycompany.io
  redirectHttpToHttps: # Fixed-response action
    type: aws:lb:ListenerRule
    properties:
      listenerArn: ${frontEndListener.arn}
      actions:
        - type: redirect
          redirect:
            port: '443'
            protocol: HTTPS
            statusCode: HTTP_301
      conditions:
        - httpHeader:
            httpHeaderName: X-Forwarded-For
            values:
              - 192.168.1.*
  healthCheck: # Authenticate-cognito Action
    type: aws:lb:ListenerRule
    properties:
      listenerArn: ${frontEndListener.arn}
      actions:
        - type: fixed-response
          fixedResponse:
            contentType: text/plain
            messageBody: HEALTHY
            statusCode: '200'
      conditions:
        - queryStrings:
            - key: health
              value: check
            - value: bar
  pool:
    type: aws:cognito:UserPool
  client:
    type: aws:cognito:UserPoolClient
  domain:
    type: aws:cognito:UserPoolDomain
  admin: # Authenticate-oidc Action
    type: aws:lb:ListenerRule
    properties:
      listenerArn: ${frontEndListener.arn}
      actions:
        - type: authenticate-cognito
          authenticateCognito:
            userPoolArn: ${pool.arn}
            userPoolClientId: ${client.id}
            userPoolDomain: ${domain.domain}
        - type: forward
          targetGroupArn: ${aws_lb_target_group.static.arn}
  oidc:
    type: aws:lb:ListenerRule
    properties:
      listenerArn: ${frontEndListener.arn}
      actions:
        - type: authenticate-oidc
          authenticateOidc:
            authorizationEndpoint: https://example.com/authorization_endpoint
            clientId: client_id
            clientSecret: client_secret
            issuer: https://example.com
            tokenEndpoint: https://example.com/token_endpoint
            userInfoEndpoint: https://example.com/user_info_endpoint
        - type: forward
          targetGroupArn: ${aws_lb_target_group.static.arn}

Create ListenerRule Resource

new ListenerRule(name: string, args: ListenerRuleArgs, opts?: CustomResourceOptions);
@overload
def ListenerRule(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 actions: Optional[Sequence[ListenerRuleActionArgs]] = None,
                 conditions: Optional[Sequence[ListenerRuleConditionArgs]] = None,
                 listener_arn: Optional[str] = None,
                 priority: Optional[int] = None,
                 tags: Optional[Mapping[str, str]] = None)
@overload
def ListenerRule(resource_name: str,
                 args: ListenerRuleArgs,
                 opts: Optional[ResourceOptions] = None)
func NewListenerRule(ctx *Context, name string, args ListenerRuleArgs, opts ...ResourceOption) (*ListenerRule, error)
public ListenerRule(string name, ListenerRuleArgs args, CustomResourceOptions? opts = null)
public ListenerRule(String name, ListenerRuleArgs args)
public ListenerRule(String name, ListenerRuleArgs args, CustomResourceOptions options)
type: aws:lb:ListenerRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args ListenerRuleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ListenerRuleArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ListenerRuleArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ListenerRuleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args ListenerRuleArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

ListenerRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ListenerRule resource accepts the following input properties:

Actions List<ListenerRuleActionArgs>

An Action block. Action blocks are documented below.

Conditions List<ListenerRuleConditionArgs>

A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

ListenerArn string

The ARN of the listener to which to attach the rule.

Priority int

The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.

Tags Dictionary<string, string>

A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Actions []ListenerRuleActionArgs

An Action block. Action blocks are documented below.

Conditions []ListenerRuleConditionArgs

A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

ListenerArn string

The ARN of the listener to which to attach the rule.

Priority int

The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.

Tags map[string]string

A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

actions List<ListenerRuleActionArgs>

An Action block. Action blocks are documented below.

conditions List<ListenerRuleConditionArgs>

A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

listenerArn String

The ARN of the listener to which to attach the rule.

priority Integer

The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.

tags Map<String,String>

A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

actions ListenerRuleActionArgs[]

An Action block. Action blocks are documented below.

conditions ListenerRuleConditionArgs[]

A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

listenerArn string

The ARN of the listener to which to attach the rule.

priority number

The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.

tags {[key: string]: string}

A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

actions Sequence[ListenerRuleActionArgs]

An Action block. Action blocks are documented below.

conditions Sequence[ListenerRuleConditionArgs]

A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

listener_arn str

The ARN of the listener to which to attach the rule.

priority int

The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.

tags Mapping[str, str]

A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

actions List<Property Map>

An Action block. Action blocks are documented below.

conditions List<Property Map>

A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

listenerArn String

The ARN of the listener to which to attach the rule.

priority Number

The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.

tags Map<String>

A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Outputs

All input properties are implicitly available as output properties. Additionally, the ListenerRule resource produces the following output properties:

Arn string

The Amazon Resource Name (ARN) of the target group.

Id string

The provider-assigned unique ID for this managed resource.

TagsAll Dictionary<string, string>

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Arn string

The Amazon Resource Name (ARN) of the target group.

Id string

The provider-assigned unique ID for this managed resource.

TagsAll map[string]string

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

arn String

The Amazon Resource Name (ARN) of the target group.

id String

The provider-assigned unique ID for this managed resource.

tagsAll Map<String,String>

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

arn string

The Amazon Resource Name (ARN) of the target group.

id string

The provider-assigned unique ID for this managed resource.

tagsAll {[key: string]: string}

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

arn str

The Amazon Resource Name (ARN) of the target group.

id str

The provider-assigned unique ID for this managed resource.

tags_all Mapping[str, str]

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

arn String

The Amazon Resource Name (ARN) of the target group.

id String

The provider-assigned unique ID for this managed resource.

tagsAll Map<String>

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Look up Existing ListenerRule Resource

Get an existing ListenerRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ListenerRuleState, opts?: CustomResourceOptions): ListenerRule
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        actions: Optional[Sequence[ListenerRuleActionArgs]] = None,
        arn: Optional[str] = None,
        conditions: Optional[Sequence[ListenerRuleConditionArgs]] = None,
        listener_arn: Optional[str] = None,
        priority: Optional[int] = None,
        tags: Optional[Mapping[str, str]] = None,
        tags_all: Optional[Mapping[str, str]] = None) -> ListenerRule
func GetListenerRule(ctx *Context, name string, id IDInput, state *ListenerRuleState, opts ...ResourceOption) (*ListenerRule, error)
public static ListenerRule Get(string name, Input<string> id, ListenerRuleState? state, CustomResourceOptions? opts = null)
public static ListenerRule get(String name, Output<String> id, ListenerRuleState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Actions List<ListenerRuleActionArgs>

An Action block. Action blocks are documented below.

Arn string

The Amazon Resource Name (ARN) of the target group.

Conditions List<ListenerRuleConditionArgs>

A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

ListenerArn string

The ARN of the listener to which to attach the rule.

Priority int

The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.

Tags Dictionary<string, string>

A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

TagsAll Dictionary<string, string>

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Actions []ListenerRuleActionArgs

An Action block. Action blocks are documented below.

Arn string

The Amazon Resource Name (ARN) of the target group.

Conditions []ListenerRuleConditionArgs

A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

ListenerArn string

The ARN of the listener to which to attach the rule.

Priority int

The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.

Tags map[string]string

A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

TagsAll map[string]string

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

actions List<ListenerRuleActionArgs>

An Action block. Action blocks are documented below.

arn String

The Amazon Resource Name (ARN) of the target group.

conditions List<ListenerRuleConditionArgs>

A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

listenerArn String

The ARN of the listener to which to attach the rule.

priority Integer

The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.

tags Map<String,String>

A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll Map<String,String>

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

actions ListenerRuleActionArgs[]

An Action block. Action blocks are documented below.

arn string

The Amazon Resource Name (ARN) of the target group.

conditions ListenerRuleConditionArgs[]

A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

listenerArn string

The ARN of the listener to which to attach the rule.

priority number

The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.

tags {[key: string]: string}

A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll {[key: string]: string}

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

actions Sequence[ListenerRuleActionArgs]

An Action block. Action blocks are documented below.

arn str

The Amazon Resource Name (ARN) of the target group.

conditions Sequence[ListenerRuleConditionArgs]

A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

listener_arn str

The ARN of the listener to which to attach the rule.

priority int

The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.

tags Mapping[str, str]

A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tags_all Mapping[str, str]

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

actions List<Property Map>

An Action block. Action blocks are documented below.

arn String

The Amazon Resource Name (ARN) of the target group.

conditions List<Property Map>

A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.

listenerArn String

The ARN of the listener to which to attach the rule.

priority Number

The priority for the rule between 1 and 50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority.

tags Map<String>

A map of tags to assign to the resource. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll Map<String>

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Supporting Types

ListenerRuleAction

Type string

The type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

AuthenticateCognito ListenerRuleActionAuthenticateCognito

Information for creating an authenticate action using Cognito. Required if type is authenticate-cognito.

AuthenticateOidc ListenerRuleActionAuthenticateOidc

Information for creating an authenticate action using OIDC. Required if type is authenticate-oidc.

FixedResponse ListenerRuleActionFixedResponse

Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

Forward ListenerRuleActionForward

Information for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn.

Order int
Redirect ListenerRuleActionRedirect

Information for creating a redirect action. Required if type is redirect.

TargetGroupArn string

The ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

Type string

The type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

AuthenticateCognito ListenerRuleActionAuthenticateCognito

Information for creating an authenticate action using Cognito. Required if type is authenticate-cognito.

AuthenticateOidc ListenerRuleActionAuthenticateOidc

Information for creating an authenticate action using OIDC. Required if type is authenticate-oidc.

FixedResponse ListenerRuleActionFixedResponse

Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

Forward ListenerRuleActionForward

Information for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn.

Order int
Redirect ListenerRuleActionRedirect

Information for creating a redirect action. Required if type is redirect.

TargetGroupArn string

The ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

type String

The type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

authenticateCognito ListenerRuleActionAuthenticateCognito

Information for creating an authenticate action using Cognito. Required if type is authenticate-cognito.

authenticateOidc ListenerRuleActionAuthenticateOidc

Information for creating an authenticate action using OIDC. Required if type is authenticate-oidc.

fixedResponse ListenerRuleActionFixedResponse

Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

forward ListenerRuleActionForward

Information for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn.

order Integer
redirect ListenerRuleActionRedirect

Information for creating a redirect action. Required if type is redirect.

targetGroupArn String

The ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

type string

The type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

authenticateCognito ListenerRuleActionAuthenticateCognito

Information for creating an authenticate action using Cognito. Required if type is authenticate-cognito.

authenticateOidc ListenerRuleActionAuthenticateOidc

Information for creating an authenticate action using OIDC. Required if type is authenticate-oidc.

fixedResponse ListenerRuleActionFixedResponse

Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

forward ListenerRuleActionForward

Information for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn.

order number
redirect ListenerRuleActionRedirect

Information for creating a redirect action. Required if type is redirect.

targetGroupArn string

The ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

type str

The type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

authenticate_cognito ListenerRuleActionAuthenticateCognito

Information for creating an authenticate action using Cognito. Required if type is authenticate-cognito.

authenticate_oidc ListenerRuleActionAuthenticateOidc

Information for creating an authenticate action using OIDC. Required if type is authenticate-oidc.

fixed_response ListenerRuleActionFixedResponse

Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

forward ListenerRuleActionForward

Information for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn.

order int
redirect ListenerRuleActionRedirect

Information for creating a redirect action. Required if type is redirect.

target_group_arn str

The ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

type String

The type of routing action. Valid values are forward, redirect, fixed-response, authenticate-cognito and authenticate-oidc.

authenticateCognito Property Map

Information for creating an authenticate action using Cognito. Required if type is authenticate-cognito.

authenticateOidc Property Map

Information for creating an authenticate action using OIDC. Required if type is authenticate-oidc.

fixedResponse Property Map

Information for creating an action that returns a custom HTTP response. Required if type is fixed-response.

forward Property Map

Information for creating an action that distributes requests among one or more target groups. Specify only if type is forward. If you specify both forward block and target_group_arn attribute, you can specify only one target group using forward and it must be the same target group specified in target_group_arn.

order Number
redirect Property Map

Information for creating a redirect action. Required if type is redirect.

targetGroupArn String

The ARN of the Target Group to which to route traffic. Specify only if type is forward and you want to route to a single target group. To route to one or more target groups, use a forward block instead.

ListenerRuleActionAuthenticateCognito

UserPoolArn string

The ARN of the Cognito user pool.

UserPoolClientId string

The ID of the Cognito user pool client.

UserPoolDomain string

The domain prefix or fully-qualified domain name of the Cognito user pool.

AuthenticationRequestExtraParams Dictionary<string, string>

The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

OnUnauthenticatedRequest string

The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

Scope string

The set of user claims to be requested from the IdP.

SessionCookieName string

The name of the cookie used to maintain session information.

SessionTimeout int

The maximum duration of the authentication session, in seconds.

UserPoolArn string

The ARN of the Cognito user pool.

UserPoolClientId string

The ID of the Cognito user pool client.

UserPoolDomain string

The domain prefix or fully-qualified domain name of the Cognito user pool.

AuthenticationRequestExtraParams map[string]string

The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

OnUnauthenticatedRequest string

The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

Scope string

The set of user claims to be requested from the IdP.

SessionCookieName string

The name of the cookie used to maintain session information.

SessionTimeout int

The maximum duration of the authentication session, in seconds.

userPoolArn String

The ARN of the Cognito user pool.

userPoolClientId String

The ID of the Cognito user pool client.

userPoolDomain String

The domain prefix or fully-qualified domain name of the Cognito user pool.

authenticationRequestExtraParams Map<String,String>

The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

onUnauthenticatedRequest String

The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

scope String

The set of user claims to be requested from the IdP.

sessionCookieName String

The name of the cookie used to maintain session information.

sessionTimeout Integer

The maximum duration of the authentication session, in seconds.

userPoolArn string

The ARN of the Cognito user pool.

userPoolClientId string

The ID of the Cognito user pool client.

userPoolDomain string

The domain prefix or fully-qualified domain name of the Cognito user pool.

authenticationRequestExtraParams {[key: string]: string}

The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

onUnauthenticatedRequest string

The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

scope string

The set of user claims to be requested from the IdP.

sessionCookieName string

The name of the cookie used to maintain session information.

sessionTimeout number

The maximum duration of the authentication session, in seconds.

user_pool_arn str

The ARN of the Cognito user pool.

user_pool_client_id str

The ID of the Cognito user pool client.

user_pool_domain str

The domain prefix or fully-qualified domain name of the Cognito user pool.

authentication_request_extra_params Mapping[str, str]

The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

on_unauthenticated_request str

The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

scope str

The set of user claims to be requested from the IdP.

session_cookie_name str

The name of the cookie used to maintain session information.

session_timeout int

The maximum duration of the authentication session, in seconds.

userPoolArn String

The ARN of the Cognito user pool.

userPoolClientId String

The ID of the Cognito user pool client.

userPoolDomain String

The domain prefix or fully-qualified domain name of the Cognito user pool.

authenticationRequestExtraParams Map<String>

The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

onUnauthenticatedRequest String

The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

scope String

The set of user claims to be requested from the IdP.

sessionCookieName String

The name of the cookie used to maintain session information.

sessionTimeout Number

The maximum duration of the authentication session, in seconds.

ListenerRuleActionAuthenticateOidc

AuthorizationEndpoint string

The authorization endpoint of the IdP.

ClientId string

The OAuth 2.0 client identifier.

ClientSecret string

The OAuth 2.0 client secret.

Issuer string

The OIDC issuer identifier of the IdP.

TokenEndpoint string

The token endpoint of the IdP.

UserInfoEndpoint string

The user info endpoint of the IdP.

AuthenticationRequestExtraParams Dictionary<string, string>

The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

OnUnauthenticatedRequest string

The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

Scope string

The set of user claims to be requested from the IdP.

SessionCookieName string

The name of the cookie used to maintain session information.

SessionTimeout int

The maximum duration of the authentication session, in seconds.

AuthorizationEndpoint string

The authorization endpoint of the IdP.

ClientId string

The OAuth 2.0 client identifier.

ClientSecret string

The OAuth 2.0 client secret.

Issuer string

The OIDC issuer identifier of the IdP.

TokenEndpoint string

The token endpoint of the IdP.

UserInfoEndpoint string

The user info endpoint of the IdP.

AuthenticationRequestExtraParams map[string]string

The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

OnUnauthenticatedRequest string

The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

Scope string

The set of user claims to be requested from the IdP.

SessionCookieName string

The name of the cookie used to maintain session information.

SessionTimeout int

The maximum duration of the authentication session, in seconds.

authorizationEndpoint String

The authorization endpoint of the IdP.

clientId String

The OAuth 2.0 client identifier.

clientSecret String

The OAuth 2.0 client secret.

issuer String

The OIDC issuer identifier of the IdP.

tokenEndpoint String

The token endpoint of the IdP.

userInfoEndpoint String

The user info endpoint of the IdP.

authenticationRequestExtraParams Map<String,String>

The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

onUnauthenticatedRequest String

The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

scope String

The set of user claims to be requested from the IdP.

sessionCookieName String

The name of the cookie used to maintain session information.

sessionTimeout Integer

The maximum duration of the authentication session, in seconds.

authorizationEndpoint string

The authorization endpoint of the IdP.

clientId string

The OAuth 2.0 client identifier.

clientSecret string

The OAuth 2.0 client secret.

issuer string

The OIDC issuer identifier of the IdP.

tokenEndpoint string

The token endpoint of the IdP.

userInfoEndpoint string

The user info endpoint of the IdP.

authenticationRequestExtraParams {[key: string]: string}

The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

onUnauthenticatedRequest string

The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

scope string

The set of user claims to be requested from the IdP.

sessionCookieName string

The name of the cookie used to maintain session information.

sessionTimeout number

The maximum duration of the authentication session, in seconds.

authorization_endpoint str

The authorization endpoint of the IdP.

client_id str

The OAuth 2.0 client identifier.

client_secret str

The OAuth 2.0 client secret.

issuer str

The OIDC issuer identifier of the IdP.

token_endpoint str

The token endpoint of the IdP.

user_info_endpoint str

The user info endpoint of the IdP.

authentication_request_extra_params Mapping[str, str]

The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

on_unauthenticated_request str

The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

scope str

The set of user claims to be requested from the IdP.

session_cookie_name str

The name of the cookie used to maintain session information.

session_timeout int

The maximum duration of the authentication session, in seconds.

authorizationEndpoint String

The authorization endpoint of the IdP.

clientId String

The OAuth 2.0 client identifier.

clientSecret String

The OAuth 2.0 client secret.

issuer String

The OIDC issuer identifier of the IdP.

tokenEndpoint String

The token endpoint of the IdP.

userInfoEndpoint String

The user info endpoint of the IdP.

authenticationRequestExtraParams Map<String>

The query parameters to include in the redirect request to the authorization endpoint. Max: 10.

onUnauthenticatedRequest String

The behavior if the user is not authenticated. Valid values: deny, allow and authenticate

scope String

The set of user claims to be requested from the IdP.

sessionCookieName String

The name of the cookie used to maintain session information.

sessionTimeout Number

The maximum duration of the authentication session, in seconds.

ListenerRuleActionFixedResponse

ContentType string

The content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

MessageBody string

The message body.

StatusCode string

The HTTP response code. Valid values are 2XX, 4XX, or 5XX.

ContentType string

The content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

MessageBody string

The message body.

StatusCode string

The HTTP response code. Valid values are 2XX, 4XX, or 5XX.

contentType String

The content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

messageBody String

The message body.

statusCode String

The HTTP response code. Valid values are 2XX, 4XX, or 5XX.

contentType string

The content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

messageBody string

The message body.

statusCode string

The HTTP response code. Valid values are 2XX, 4XX, or 5XX.

content_type str

The content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

message_body str

The message body.

status_code str

The HTTP response code. Valid values are 2XX, 4XX, or 5XX.

contentType String

The content type. Valid values are text/plain, text/css, text/html, application/javascript and application/json.

messageBody String

The message body.

statusCode String

The HTTP response code. Valid values are 2XX, 4XX, or 5XX.

ListenerRuleActionForward

TargetGroups List<ListenerRuleActionForwardTargetGroup>

One or more target groups block.

Stickiness ListenerRuleActionForwardStickiness

The target group stickiness for the rule.

TargetGroups []ListenerRuleActionForwardTargetGroup

One or more target groups block.

Stickiness ListenerRuleActionForwardStickiness

The target group stickiness for the rule.

targetGroups List<ListenerRuleActionForwardTargetGroup>

One or more target groups block.

stickiness ListenerRuleActionForwardStickiness

The target group stickiness for the rule.

targetGroups ListenerRuleActionForwardTargetGroup[]

One or more target groups block.

stickiness ListenerRuleActionForwardStickiness

The target group stickiness for the rule.

target_groups Sequence[ListenerRuleActionForwardTargetGroup]

One or more target groups block.

stickiness ListenerRuleActionForwardStickiness

The target group stickiness for the rule.

targetGroups List<Property Map>

One or more target groups block.

stickiness Property Map

The target group stickiness for the rule.

ListenerRuleActionForwardStickiness

Duration int

The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

Enabled bool

Indicates whether target group stickiness is enabled.

Duration int

The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

Enabled bool

Indicates whether target group stickiness is enabled.

duration Integer

The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

enabled Boolean

Indicates whether target group stickiness is enabled.

duration number

The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

enabled boolean

Indicates whether target group stickiness is enabled.

duration int

The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

enabled bool

Indicates whether target group stickiness is enabled.

duration Number

The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).

enabled Boolean

Indicates whether target group stickiness is enabled.

ListenerRuleActionForwardTargetGroup

Arn string

The Amazon Resource Name (ARN) of the target group.

Weight int

The weight. The range is 0 to 999.

Arn string

The Amazon Resource Name (ARN) of the target group.

Weight int

The weight. The range is 0 to 999.

arn String

The Amazon Resource Name (ARN) of the target group.

weight Integer

The weight. The range is 0 to 999.

arn string

The Amazon Resource Name (ARN) of the target group.

weight number

The weight. The range is 0 to 999.

arn str

The Amazon Resource Name (ARN) of the target group.

weight int

The weight. The range is 0 to 999.

arn String

The Amazon Resource Name (ARN) of the target group.

weight Number

The weight. The range is 0 to 999.

ListenerRuleActionRedirect

StatusCode string

The HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

Host string

The hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

Path string

The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

Port string

The port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

Protocol string

The protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

Query string

The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to #{query}.

StatusCode string

The HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

Host string

The hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

Path string

The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

Port string

The port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

Protocol string

The protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

Query string

The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to #{query}.

statusCode String

The HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

host String

The hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

path String

The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

port String

The port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

protocol String

The protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

query String

The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to #{query}.

statusCode string

The HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

host string

The hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

path string

The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

port string

The port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

protocol string

The protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

query string

The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to #{query}.

status_code str

The HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

host str

The hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

path str

The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

port str

The port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

protocol str

The protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

query str

The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to #{query}.

statusCode String

The HTTP redirect code. The redirect is either permanent (HTTP_301) or temporary (HTTP_302).

host String

The hostname. This component is not percent-encoded. The hostname can contain #{host}. Defaults to #{host}.

path String

The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to /#{path}.

port String

The port. Specify a value from 1 to 65535 or #{port}. Defaults to #{port}.

protocol String

The protocol. Valid values are HTTP, HTTPS, or #{protocol}. Defaults to #{protocol}.

query String

The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to #{query}.

ListenerRuleCondition

HostHeader ListenerRuleConditionHostHeader

Contains a single values item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.

HttpHeader ListenerRuleConditionHttpHeader

HTTP headers to match. HTTP Header block fields documented below.

HttpRequestMethod ListenerRuleConditionHttpRequestMethod

Contains a single values item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.

PathPattern ListenerRuleConditionPathPattern

Contains a single values item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a query_string condition.

QueryStrings List<ListenerRuleConditionQueryString>

Query strings to match. Query String block fields documented below.

SourceIp ListenerRuleConditionSourceIp

Contains a single values item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the X-Forwarded-For header, use http_header condition instead.

HostHeader ListenerRuleConditionHostHeader

Contains a single values item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.

HttpHeader ListenerRuleConditionHttpHeader

HTTP headers to match. HTTP Header block fields documented below.

HttpRequestMethod ListenerRuleConditionHttpRequestMethod

Contains a single values item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.

PathPattern ListenerRuleConditionPathPattern

Contains a single values item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a query_string condition.

QueryStrings []ListenerRuleConditionQueryString

Query strings to match. Query String block fields documented below.

SourceIp ListenerRuleConditionSourceIp

Contains a single values item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the X-Forwarded-For header, use http_header condition instead.

hostHeader ListenerRuleConditionHostHeader

Contains a single values item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.

httpHeader ListenerRuleConditionHttpHeader

HTTP headers to match. HTTP Header block fields documented below.

httpRequestMethod ListenerRuleConditionHttpRequestMethod

Contains a single values item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.

pathPattern ListenerRuleConditionPathPattern

Contains a single values item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a query_string condition.

queryStrings List<ListenerRuleConditionQueryString>

Query strings to match. Query String block fields documented below.

sourceIp ListenerRuleConditionSourceIp

Contains a single values item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the X-Forwarded-For header, use http_header condition instead.

hostHeader ListenerRuleConditionHostHeader

Contains a single values item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.

httpHeader ListenerRuleConditionHttpHeader

HTTP headers to match. HTTP Header block fields documented below.

httpRequestMethod ListenerRuleConditionHttpRequestMethod

Contains a single values item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.

pathPattern ListenerRuleConditionPathPattern

Contains a single values item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a query_string condition.

queryStrings ListenerRuleConditionQueryString[]

Query strings to match. Query String block fields documented below.

sourceIp ListenerRuleConditionSourceIp

Contains a single values item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the X-Forwarded-For header, use http_header condition instead.

host_header ListenerRuleConditionHostHeader

Contains a single values item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.

http_header ListenerRuleConditionHttpHeader

HTTP headers to match. HTTP Header block fields documented below.

http_request_method ListenerRuleConditionHttpRequestMethod

Contains a single values item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.

path_pattern ListenerRuleConditionPathPattern

Contains a single values item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a query_string condition.

query_strings Sequence[ListenerRuleConditionQueryString]

Query strings to match. Query String block fields documented below.

source_ip ListenerRuleConditionSourceIp

Contains a single values item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the X-Forwarded-For header, use http_header condition instead.

hostHeader Property Map

Contains a single values item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied.

httpHeader Property Map

HTTP headers to match. HTTP Header block fields documented below.

httpRequestMethod Property Map

Contains a single values item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached.

pathPattern Property Map

Contains a single values item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a query_string condition.

queryStrings List<Property Map>

Query strings to match. Query String block fields documented below.

sourceIp Property Map

Contains a single values item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the X-Forwarded-For header, use http_header condition instead.

ListenerRuleConditionHostHeader

Values List<string>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

Values []string

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values List<String>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values string[]

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values Sequence[str]

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values List<String>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

ListenerRuleConditionHttpHeader

HttpHeaderName string

Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a host-header condition instead.

Values List<string>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

HttpHeaderName string

Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a host-header condition instead.

Values []string

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

httpHeaderName String

Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a host-header condition instead.

values List<String>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

httpHeaderName string

Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a host-header condition instead.

values string[]

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

http_header_name str

Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a host-header condition instead.

values Sequence[str]

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

httpHeaderName String

Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a host-header condition instead.

values List<String>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

ListenerRuleConditionHttpRequestMethod

Values List<string>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

Values []string

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values List<String>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values string[]

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values Sequence[str]

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values List<String>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

ListenerRuleConditionPathPattern

Values List<string>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

Values []string

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values List<String>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values string[]

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values Sequence[str]

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values List<String>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

ListenerRuleConditionQueryString

Value string

Query string value pattern to match.

Key string

Query string key pattern to match.

Value string

Query string value pattern to match.

Key string

Query string key pattern to match.

value String

Query string value pattern to match.

key String

Query string key pattern to match.

value string

Query string value pattern to match.

key string

Query string key pattern to match.

value str

Query string value pattern to match.

key str

Query string key pattern to match.

value String

Query string value pattern to match.

key String

Query string key pattern to match.

ListenerRuleConditionSourceIp

Values List<string>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

Values []string

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values List<String>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values string[]

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values Sequence[str]

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

values List<String>

List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.

Import

Rules can be imported using their ARN, e.g.,

 $ pulumi import aws:lb/listenerRule:ListenerRule front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b

Package Details

Repository
AWS Classic pulumi/pulumi-aws
License
Apache-2.0
Notes

This Pulumi package is based on the aws Terraform Provider.