Docs Home
AWS v6.78.0 published on Thursday, Apr 24, 2025 by Pulumi
aws.lb.ListenerRule
Explore with Pulumi AI
Provides a Load Balancer Listener Rule resource.
Note:
aws.alb.ListenerRuleis known asaws.lb.ListenerRule. The functionality is identical.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const frontEnd = new aws.lb.LoadBalancer("front_end", {});
const frontEndListener = new aws.lb.Listener("front_end", {});
const static = new aws.lb.ListenerRule("static", {
listenerArn: frontEndListener.arn,
priority: 100,
actions: [{
type: "forward",
targetGroupArn: staticAwsLbTargetGroup.arn,
}],
conditions: [
{
pathPattern: {
values: ["/static/*"],
},
},
{
hostHeader: {
values: ["example.com"],
},
},
],
});
// Forward action
const hostBasedWeightedRouting = new aws.lb.ListenerRule("host_based_weighted_routing", {
listenerArn: frontEndListener.arn,
priority: 99,
actions: [{
type: "forward",
targetGroupArn: staticAwsLbTargetGroup.arn,
}],
conditions: [{
hostHeader: {
values: ["my-service.*.mycompany.io"],
},
}],
});
// Weighted Forward action
const hostBasedRouting = new aws.lb.ListenerRule("host_based_routing", {
listenerArn: frontEndListener.arn,
priority: 99,
actions: [{
type: "forward",
forward: {
targetGroups: [
{
arn: main.arn,
weight: 80,
},
{
arn: canary.arn,
weight: 20,
},
],
stickiness: {
enabled: true,
duration: 600,
},
},
}],
conditions: [{
hostHeader: {
values: ["my-service.*.mycompany.io"],
},
}],
});
// Redirect action
const redirectHttpToHttps = new aws.lb.ListenerRule("redirect_http_to_https", {
listenerArn: frontEndListener.arn,
actions: [{
type: "redirect",
redirect: {
port: "443",
protocol: "HTTPS",
statusCode: "HTTP_301",
},
}],
conditions: [{
httpHeader: {
httpHeaderName: "X-Forwarded-For",
values: ["192.168.1.*"],
},
}],
});
// Fixed-response action
const healthCheck = new aws.lb.ListenerRule("health_check", {
listenerArn: frontEndListener.arn,
actions: [{
type: "fixed-response",
fixedResponse: {
contentType: "text/plain",
messageBody: "HEALTHY",
statusCode: "200",
},
}],
conditions: [{
queryStrings: [
{
key: "health",
value: "check",
},
{
value: "bar",
},
],
}],
});
// Authenticate-cognito Action
const pool = new aws.cognito.UserPool("pool", {});
const client = new aws.cognito.UserPoolClient("client", {});
const domain = new aws.cognito.UserPoolDomain("domain", {});
const admin = new aws.lb.ListenerRule("admin", {
listenerArn: frontEndListener.arn,
actions: [
{
type: "authenticate-cognito",
authenticateCognito: {
userPoolArn: pool.arn,
userPoolClientId: client.id,
userPoolDomain: domain.domain,
},
},
{
type: "forward",
targetGroupArn: staticAwsLbTargetGroup.arn,
},
],
});
// Authenticate-oidc Action
const oidc = new aws.lb.ListenerRule("oidc", {
listenerArn: frontEndListener.arn,
actions: [
{
type: "authenticate-oidc",
authenticateOidc: {
authorizationEndpoint: "https://example.com/authorization_endpoint",
clientId: "client_id",
clientSecret: "client_secret",
issuer: "https://example.com",
tokenEndpoint: "https://example.com/token_endpoint",
userInfoEndpoint: "https://example.com/user_info_endpoint",
},
},
{
type: "forward",
targetGroupArn: staticAwsLbTargetGroup.arn,
},
],
});
import pulumi
import pulumi_aws as aws
front_end = aws.lb.LoadBalancer("front_end")
front_end_listener = aws.lb.Listener("front_end")
static = aws.lb.ListenerRule("static",
listener_arn=front_end_listener.arn,
priority=100,
actions=[{
"type": "forward",
"target_group_arn": static_aws_lb_target_group["arn"],
}],
conditions=[
{
"path_pattern": {
"values": ["/static/*"],
},
},
{
"host_header": {
"values": ["example.com"],
},
},
])
# Forward action
host_based_weighted_routing = aws.lb.ListenerRule("host_based_weighted_routing",
listener_arn=front_end_listener.arn,
priority=99,
actions=[{
"type": "forward",
"target_group_arn": static_aws_lb_target_group["arn"],
}],
conditions=[{
"host_header": {
"values": ["my-service.*.mycompany.io"],
},
}])
# Weighted Forward action
host_based_routing = aws.lb.ListenerRule("host_based_routing",
listener_arn=front_end_listener.arn,
priority=99,
actions=[{
"type": "forward",
"forward": {
"target_groups": [
{
"arn": main["arn"],
"weight": 80,
},
{
"arn": canary["arn"],
"weight": 20,
},
],
"stickiness": {
"enabled": True,
"duration": 600,
},
},
}],
conditions=[{
"host_header": {
"values": ["my-service.*.mycompany.io"],
},
}])
# Redirect action
redirect_http_to_https = aws.lb.ListenerRule("redirect_http_to_https",
listener_arn=front_end_listener.arn,
actions=[{
"type": "redirect",
"redirect": {
"port": "443",
"protocol": "HTTPS",
"status_code": "HTTP_301",
},
}],
conditions=[{
"http_header": {
"http_header_name": "X-Forwarded-For",
"values": ["192.168.1.*"],
},
}])
# Fixed-response action
health_check = aws.lb.ListenerRule("health_check",
listener_arn=front_end_listener.arn,
actions=[{
"type": "fixed-response",
"fixed_response": {
"content_type": "text/plain",
"message_body": "HEALTHY",
"status_code": "200",
},
}],
conditions=[{
"query_strings": [
{
"key": "health",
"value": "check",
},
{
"value": "bar",
},
],
}])
# Authenticate-cognito Action
pool = aws.cognito.UserPool("pool")
client = aws.cognito.UserPoolClient("client")
domain = aws.cognito.UserPoolDomain("domain")
admin = aws.lb.ListenerRule("admin",
listener_arn=front_end_listener.arn,
actions=[
{
"type": "authenticate-cognito",
"authenticate_cognito": {
"user_pool_arn": pool.arn,
"user_pool_client_id": client.id,
"user_pool_domain": domain.domain,
},
},
{
"type": "forward",
"target_group_arn": static_aws_lb_target_group["arn"],
},
])
# Authenticate-oidc Action
oidc = aws.lb.ListenerRule("oidc",
listener_arn=front_end_listener.arn,
actions=[
{
"type": "authenticate-oidc",
"authenticate_oidc": {
"authorization_endpoint": "https://example.com/authorization_endpoint",
"client_id": "client_id",
"client_secret": "client_secret",
"issuer": "https://example.com",
"token_endpoint": "https://example.com/token_endpoint",
"user_info_endpoint": "https://example.com/user_info_endpoint",
},
},
{
"type": "forward",
"target_group_arn": static_aws_lb_target_group["arn"],
},
])
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := lb.NewLoadBalancer(ctx, "front_end", nil)
if err != nil {
return err
}
frontEndListener, err := lb.NewListener(ctx, "front_end", nil)
if err != nil {
return err
}
_, err = lb.NewListenerRule(ctx, "static", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Priority: pulumi.Int(100),
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("forward"),
TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),
},
},
Conditions: lb.ListenerRuleConditionArray{
&lb.ListenerRuleConditionArgs{
PathPattern: &lb.ListenerRuleConditionPathPatternArgs{
Values: pulumi.StringArray{
pulumi.String("/static/*"),
},
},
},
&lb.ListenerRuleConditionArgs{
HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{
Values: pulumi.StringArray{
pulumi.String("example.com"),
},
},
},
},
})
if err != nil {
return err
}
// Forward action
_, err = lb.NewListenerRule(ctx, "host_based_weighted_routing", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Priority: pulumi.Int(99),
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("forward"),
TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),
},
},
Conditions: lb.ListenerRuleConditionArray{
&lb.ListenerRuleConditionArgs{
HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{
Values: pulumi.StringArray{
pulumi.String("my-service.*.mycompany.io"),
},
},
},
},
})
if err != nil {
return err
}
// Weighted Forward action
_, err = lb.NewListenerRule(ctx, "host_based_routing", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Priority: pulumi.Int(99),
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("forward"),
Forward: &lb.ListenerRuleActionForwardArgs{
TargetGroups: lb.ListenerRuleActionForwardTargetGroupArray{
&lb.ListenerRuleActionForwardTargetGroupArgs{
Arn: pulumi.Any(main.Arn),
Weight: pulumi.Int(80),
},
&lb.ListenerRuleActionForwardTargetGroupArgs{
Arn: pulumi.Any(canary.Arn),
Weight: pulumi.Int(20),
},
},
Stickiness: &lb.ListenerRuleActionForwardStickinessArgs{
Enabled: pulumi.Bool(true),
Duration: pulumi.Int(600),
},
},
},
},
Conditions: lb.ListenerRuleConditionArray{
&lb.ListenerRuleConditionArgs{
HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{
Values: pulumi.StringArray{
pulumi.String("my-service.*.mycompany.io"),
},
},
},
},
})
if err != nil {
return err
}
// Redirect action
_, err = lb.NewListenerRule(ctx, "redirect_http_to_https", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("redirect"),
Redirect: &lb.ListenerRuleActionRedirectArgs{
Port: pulumi.String("443"),
Protocol: pulumi.String("HTTPS"),
StatusCode: pulumi.String("HTTP_301"),
},
},
},
Conditions: lb.ListenerRuleConditionArray{
&lb.ListenerRuleConditionArgs{
HttpHeader: &lb.ListenerRuleConditionHttpHeaderArgs{
HttpHeaderName: pulumi.String("X-Forwarded-For"),
Values: pulumi.StringArray{
pulumi.String("192.168.1.*"),
},
},
},
},
})
if err != nil {
return err
}
// Fixed-response action
_, err = lb.NewListenerRule(ctx, "health_check", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("fixed-response"),
FixedResponse: &lb.ListenerRuleActionFixedResponseArgs{
ContentType: pulumi.String("text/plain"),
MessageBody: pulumi.String("HEALTHY"),
StatusCode: pulumi.String("200"),
},
},
},
Conditions: lb.ListenerRuleConditionArray{
&lb.ListenerRuleConditionArgs{
QueryStrings: lb.ListenerRuleConditionQueryStringArray{
&lb.ListenerRuleConditionQueryStringArgs{
Key: pulumi.String("health"),
Value: pulumi.String("check"),
},
&lb.ListenerRuleConditionQueryStringArgs{
Value: pulumi.String("bar"),
},
},
},
},
})
if err != nil {
return err
}
// Authenticate-cognito Action
pool, err := cognito.NewUserPool(ctx, "pool", nil)
if err != nil {
return err
}
client, err := cognito.NewUserPoolClient(ctx, "client", nil)
if err != nil {
return err
}
domain, err := cognito.NewUserPoolDomain(ctx, "domain", nil)
if err != nil {
return err
}
_, err = lb.NewListenerRule(ctx, "admin", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("authenticate-cognito"),
AuthenticateCognito: &lb.ListenerRuleActionAuthenticateCognitoArgs{
UserPoolArn: pool.Arn,
UserPoolClientId: client.ID(),
UserPoolDomain: domain.Domain,
},
},
&lb.ListenerRuleActionArgs{
Type: pulumi.String("forward"),
TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),
},
},
})
if err != nil {
return err
}
// Authenticate-oidc Action
_, err = lb.NewListenerRule(ctx, "oidc", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("authenticate-oidc"),
AuthenticateOidc: &lb.ListenerRuleActionAuthenticateOidcArgs{
AuthorizationEndpoint: pulumi.String("https://example.com/authorization_endpoint"),
ClientId: pulumi.String("client_id"),
ClientSecret: pulumi.String("client_secret"),
Issuer: pulumi.String("https://example.com"),
TokenEndpoint: pulumi.String("https://example.com/token_endpoint"),
UserInfoEndpoint: pulumi.String("https://example.com/user_info_endpoint"),
},
},
&lb.ListenerRuleActionArgs{
Type: pulumi.String("forward"),
TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var frontEnd = new Aws.LB.LoadBalancer("front_end");
var frontEndListener = new Aws.LB.Listener("front_end");
var @static = new Aws.LB.ListenerRule("static", new()
{
ListenerArn = frontEndListener.Arn,
Priority = 100,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "forward",
TargetGroupArn = staticAwsLbTargetGroup.Arn,
},
},
Conditions = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs
{
Values = new[]
{
"/static/*",
},
},
},
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs
{
Values = new[]
{
"example.com",
},
},
},
},
});
// Forward action
var hostBasedWeightedRouting = new Aws.LB.ListenerRule("host_based_weighted_routing", new()
{
ListenerArn = frontEndListener.Arn,
Priority = 99,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "forward",
TargetGroupArn = staticAwsLbTargetGroup.Arn,
},
},
Conditions = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs
{
Values = new[]
{
"my-service.*.mycompany.io",
},
},
},
},
});
// Weighted Forward action
var hostBasedRouting = new Aws.LB.ListenerRule("host_based_routing", new()
{
ListenerArn = frontEndListener.Arn,
Priority = 99,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "forward",
Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs
{
TargetGroups = new[]
{
new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs
{
Arn = main.Arn,
Weight = 80,
},
new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs
{
Arn = canary.Arn,
Weight = 20,
},
},
Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs
{
Enabled = true,
Duration = 600,
},
},
},
},
Conditions = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs
{
Values = new[]
{
"my-service.*.mycompany.io",
},
},
},
},
});
// Redirect action
var redirectHttpToHttps = new Aws.LB.ListenerRule("redirect_http_to_https", new()
{
ListenerArn = frontEndListener.Arn,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "redirect",
Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs
{
Port = "443",
Protocol = "HTTPS",
StatusCode = "HTTP_301",
},
},
},
Conditions = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs
{
HttpHeaderName = "X-Forwarded-For",
Values = new[]
{
"192.168.1.*",
},
},
},
},
});
// Fixed-response action
var healthCheck = new Aws.LB.ListenerRule("health_check", new()
{
ListenerArn = frontEndListener.Arn,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "fixed-response",
FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs
{
ContentType = "text/plain",
MessageBody = "HEALTHY",
StatusCode = "200",
},
},
},
Conditions = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
QueryStrings = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs
{
Key = "health",
Value = "check",
},
new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs
{
Value = "bar",
},
},
},
},
});
// Authenticate-cognito Action
var pool = new Aws.Cognito.UserPool("pool");
var client = new Aws.Cognito.UserPoolClient("client");
var domain = new Aws.Cognito.UserPoolDomain("domain");
var admin = new Aws.LB.ListenerRule("admin", new()
{
ListenerArn = frontEndListener.Arn,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "authenticate-cognito",
AuthenticateCognito = new Aws.LB.Inputs.ListenerRuleActionAuthenticateCognitoArgs
{
UserPoolArn = pool.Arn,
UserPoolClientId = client.Id,
UserPoolDomain = domain.Domain,
},
},
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "forward",
TargetGroupArn = staticAwsLbTargetGroup.Arn,
},
},
});
// Authenticate-oidc Action
var oidc = new Aws.LB.ListenerRule("oidc", new()
{
ListenerArn = frontEndListener.Arn,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "authenticate-oidc",
AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs
{
AuthorizationEndpoint = "https://example.com/authorization_endpoint",
ClientId = "client_id",
ClientSecret = "client_secret",
Issuer = "https://example.com",
TokenEndpoint = "https://example.com/token_endpoint",
UserInfoEndpoint = "https://example.com/user_info_endpoint",
},
},
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "forward",
TargetGroupArn = staticAwsLbTargetGroup.Arn,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerRule;
import com.pulumi.aws.lb.ListenerRuleArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleConditionArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleConditionPathPatternArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleConditionHostHeaderArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionForwardArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionForwardStickinessArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionRedirectArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleConditionHttpHeaderArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionFixedResponseArgs;
import com.pulumi.aws.cognito.UserPool;
import com.pulumi.aws.cognito.UserPoolClient;
import com.pulumi.aws.cognito.UserPoolDomain;
import com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateCognitoArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateOidcArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var frontEnd = new LoadBalancer("frontEnd");
var frontEndListener = new Listener("frontEndListener");
var static_ = new ListenerRule("static", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.priority(100)
.actions(ListenerRuleActionArgs.builder()
.type("forward")
.targetGroupArn(staticAwsLbTargetGroup.arn())
.build())
.conditions(
ListenerRuleConditionArgs.builder()
.pathPattern(ListenerRuleConditionPathPatternArgs.builder()
.values("/static/*")
.build())
.build(),
ListenerRuleConditionArgs.builder()
.hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
.values("example.com")
.build())
.build())
.build());
// Forward action
var hostBasedWeightedRouting = new ListenerRule("hostBasedWeightedRouting", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.priority(99)
.actions(ListenerRuleActionArgs.builder()
.type("forward")
.targetGroupArn(staticAwsLbTargetGroup.arn())
.build())
.conditions(ListenerRuleConditionArgs.builder()
.hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
.values("my-service.*.mycompany.io")
.build())
.build())
.build());
// Weighted Forward action
var hostBasedRouting = new ListenerRule("hostBasedRouting", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.priority(99)
.actions(ListenerRuleActionArgs.builder()
.type("forward")
.forward(ListenerRuleActionForwardArgs.builder()
.targetGroups(
ListenerRuleActionForwardTargetGroupArgs.builder()
.arn(main.arn())
.weight(80)
.build(),
ListenerRuleActionForwardTargetGroupArgs.builder()
.arn(canary.arn())
.weight(20)
.build())
.stickiness(ListenerRuleActionForwardStickinessArgs.builder()
.enabled(true)
.duration(600)
.build())
.build())
.build())
.conditions(ListenerRuleConditionArgs.builder()
.hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
.values("my-service.*.mycompany.io")
.build())
.build())
.build());
// Redirect action
var redirectHttpToHttps = new ListenerRule("redirectHttpToHttps", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.actions(ListenerRuleActionArgs.builder()
.type("redirect")
.redirect(ListenerRuleActionRedirectArgs.builder()
.port("443")
.protocol("HTTPS")
.statusCode("HTTP_301")
.build())
.build())
.conditions(ListenerRuleConditionArgs.builder()
.httpHeader(ListenerRuleConditionHttpHeaderArgs.builder()
.httpHeaderName("X-Forwarded-For")
.values("192.168.1.*")
.build())
.build())
.build());
// Fixed-response action
var healthCheck = new ListenerRule("healthCheck", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.actions(ListenerRuleActionArgs.builder()
.type("fixed-response")
.fixedResponse(ListenerRuleActionFixedResponseArgs.builder()
.contentType("text/plain")
.messageBody("HEALTHY")
.statusCode("200")
.build())
.build())
.conditions(ListenerRuleConditionArgs.builder()
.queryStrings(
ListenerRuleConditionQueryStringArgs.builder()
.key("health")
.value("check")
.build(),
ListenerRuleConditionQueryStringArgs.builder()
.value("bar")
.build())
.build())
.build());
// Authenticate-cognito Action
var pool = new UserPool("pool");
var client = new UserPoolClient("client");
var domain = new UserPoolDomain("domain");
var admin = new ListenerRule("admin", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.actions(
ListenerRuleActionArgs.builder()
.type("authenticate-cognito")
.authenticateCognito(ListenerRuleActionAuthenticateCognitoArgs.builder()
.userPoolArn(pool.arn())
.userPoolClientId(client.id())
.userPoolDomain(domain.domain())
.build())
.build(),
ListenerRuleActionArgs.builder()
.type("forward")
.targetGroupArn(staticAwsLbTargetGroup.arn())
.build())
.build());
// Authenticate-oidc Action
var oidc = new ListenerRule("oidc", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.actions(
ListenerRuleActionArgs.builder()
.type("authenticate-oidc")
.authenticateOidc(ListenerRuleActionAuthenticateOidcArgs.builder()
.authorizationEndpoint("https://example.com/authorization_endpoint")
.clientId("client_id")
.clientSecret("client_secret")
.issuer("https://example.com")
.tokenEndpoint("https://example.com/token_endpoint")
.userInfoEndpoint("https://example.com/user_info_endpoint")
.build())
.build(),
ListenerRuleActionArgs.builder()
.type("forward")
.targetGroupArn(staticAwsLbTargetGroup.arn())
.build())
.build());
}
}
resources:
frontEnd:
type: aws:lb:LoadBalancer
name: front_end
frontEndListener:
type: aws:lb:Listener
name: front_end
static:
type: aws:lb:ListenerRule
properties:
listenerArn: ${frontEndListener.arn}
priority: 100
actions:
- type: forward
targetGroupArn: ${staticAwsLbTargetGroup.arn}
conditions:
- pathPattern:
values:
- /static/*
- hostHeader:
values:
- example.com
# Forward action
hostBasedWeightedRouting:
type: aws:lb:ListenerRule
name: host_based_weighted_routing
properties:
listenerArn: ${frontEndListener.arn}
priority: 99
actions:
- type: forward
targetGroupArn: ${staticAwsLbTargetGroup.arn}
conditions:
- hostHeader:
values:
- my-service.*.mycompany.io
# Weighted Forward action
hostBasedRouting:
type: aws:lb:ListenerRule
name: host_based_routing
properties:
listenerArn: ${frontEndListener.arn}
priority: 99
actions:
- type: forward
forward:
targetGroups:
- arn: ${main.arn}
weight: 80
- arn: ${canary.arn}
weight: 20
stickiness:
enabled: true
duration: 600
conditions:
- hostHeader:
values:
- my-service.*.mycompany.io
# Redirect action
redirectHttpToHttps:
type: aws:lb:ListenerRule
name: redirect_http_to_https
properties:
listenerArn: ${frontEndListener.arn}
actions:
- type: redirect
redirect:
port: '443'
protocol: HTTPS
statusCode: HTTP_301
conditions:
- httpHeader:
httpHeaderName: X-Forwarded-For
values:
- 192.168.1.*
# Fixed-response action
healthCheck:
type: aws:lb:ListenerRule
name: health_check
properties:
listenerArn: ${frontEndListener.arn}
actions:
- type: fixed-response
fixedResponse:
contentType: text/plain
messageBody: HEALTHY
statusCode: '200'
conditions:
- queryStrings:
- key: health
value: check
- value: bar
# Authenticate-cognito Action
pool:
type: aws:cognito:UserPool
client:
type: aws:cognito:UserPoolClient
domain:
type: aws:cognito:UserPoolDomain
admin:
type: aws:lb:ListenerRule
properties:
listenerArn: ${frontEndListener.arn}
actions:
- type: authenticate-cognito
authenticateCognito:
userPoolArn: ${pool.arn}
userPoolClientId: ${client.id}
userPoolDomain: ${domain.domain}
- type: forward
targetGroupArn: ${staticAwsLbTargetGroup.arn}
# Authenticate-oidc Action
oidc:
type: aws:lb:ListenerRule
properties:
listenerArn: ${frontEndListener.arn}
actions:
- type: authenticate-oidc
authenticateOidc:
authorizationEndpoint: https://example.com/authorization_endpoint
clientId: client_id
clientSecret: client_secret
issuer: https://example.com
tokenEndpoint: https://example.com/token_endpoint
userInfoEndpoint: https://example.com/user_info_endpoint
- type: forward
targetGroupArn: ${staticAwsLbTargetGroup.arn}
Create ListenerRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ListenerRule(name: string, args: ListenerRuleArgs, opts?: CustomResourceOptions);@overload
def ListenerRule(resource_name: str,
args: ListenerRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ListenerRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
actions: Optional[Sequence[ListenerRuleActionArgs]] = None,
conditions: Optional[Sequence[ListenerRuleConditionArgs]] = None,
listener_arn: Optional[str] = None,
priority: Optional[int] = None,
tags: Optional[Mapping[str, str]] = None)func NewListenerRule(ctx *Context, name string, args ListenerRuleArgs, opts ...ResourceOption) (*ListenerRule, error)public ListenerRule(string name, ListenerRuleArgs args, CustomResourceOptions? opts = null)
public ListenerRule(String name, ListenerRuleArgs args)
public ListenerRule(String name, ListenerRuleArgs args, CustomResourceOptions options)
type: aws:lb:ListenerRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ListenerRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ListenerRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ListenerRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ListenerRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ListenerRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var awsListenerRuleResource = new Aws.LB.ListenerRule("awsListenerRuleResource", new()
{
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "string",
AuthenticateCognito = new Aws.LB.Inputs.ListenerRuleActionAuthenticateCognitoArgs
{
UserPoolArn = "string",
UserPoolClientId = "string",
UserPoolDomain = "string",
AuthenticationRequestExtraParams =
{
{ "string", "string" },
},
OnUnauthenticatedRequest = "string",
Scope = "string",
SessionCookieName = "string",
SessionTimeout = 0,
},
AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs
{
AuthorizationEndpoint = "string",
ClientId = "string",
ClientSecret = "string",
Issuer = "string",
TokenEndpoint = "string",
UserInfoEndpoint = "string",
AuthenticationRequestExtraParams =
{
{ "string", "string" },
},
OnUnauthenticatedRequest = "string",
Scope = "string",
SessionCookieName = "string",
SessionTimeout = 0,
},
FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs
{
ContentType = "string",
MessageBody = "string",
StatusCode = "string",
},
Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs
{
TargetGroups = new[]
{
new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs
{
Arn = "string",
Weight = 0,
},
},
Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs
{
Duration = 0,
Enabled = false,
},
},
Order = 0,
Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs
{
StatusCode = "string",
Host = "string",
Path = "string",
Port = "string",
Protocol = "string",
Query = "string",
},
TargetGroupArn = "string",
},
},
Conditions = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs
{
Values = new[]
{
"string",
},
},
HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs
{
HttpHeaderName = "string",
Values = new[]
{
"string",
},
},
HttpRequestMethod = new Aws.LB.Inputs.ListenerRuleConditionHttpRequestMethodArgs
{
Values = new[]
{
"string",
},
},
PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs
{
Values = new[]
{
"string",
},
},
QueryStrings = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs
{
Value = "string",
Key = "string",
},
},
SourceIp = new Aws.LB.Inputs.ListenerRuleConditionSourceIpArgs
{
Values = new[]
{
"string",
},
},
},
},
ListenerArn = "string",
Priority = 0,
Tags =
{
{ "string", "string" },
},
});
example, err := lb.NewListenerRule(ctx, "awsListenerRuleResource", &lb.ListenerRuleArgs{
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("string"),
AuthenticateCognito: &lb.ListenerRuleActionAuthenticateCognitoArgs{
UserPoolArn: pulumi.String("string"),
UserPoolClientId: pulumi.String("string"),
UserPoolDomain: pulumi.String("string"),
AuthenticationRequestExtraParams: pulumi.StringMap{
"string": pulumi.String("string"),
},
OnUnauthenticatedRequest: pulumi.String("string"),
Scope: pulumi.String("string"),
SessionCookieName: pulumi.String("string"),
SessionTimeout: pulumi.Int(0),
},
AuthenticateOidc: &lb.ListenerRuleActionAuthenticateOidcArgs{
AuthorizationEndpoint: pulumi.String("string"),
ClientId: pulumi.String("string"),
ClientSecret: pulumi.String("string"),
Issuer: pulumi.String("string"),
TokenEndpoint: pulumi.String("string"),
UserInfoEndpoint: pulumi.String("string"),
AuthenticationRequestExtraParams: pulumi.StringMap{
"string": pulumi.String("string"),
},
OnUnauthenticatedRequest: pulumi.String("string"),
Scope: pulumi.String("string"),
SessionCookieName: pulumi.String("string"),
SessionTimeout: pulumi.Int(0),
},
FixedResponse: &lb.ListenerRuleActionFixedResponseArgs{
ContentType: pulumi.String("string"),
MessageBody: pulumi.String("string"),
StatusCode: pulumi.String("string"),
},
Forward: &lb.ListenerRuleActionForwardArgs{
TargetGroups: lb.ListenerRuleActionForwardTargetGroupArray{
&lb.ListenerRuleActionForwardTargetGroupArgs{
Arn: pulumi.String("string"),
Weight: pulumi.Int(0),
},
},
Stickiness: &lb.ListenerRuleActionForwardStickinessArgs{
Duration: pulumi.Int(0),
Enabled: pulumi.Bool(false),
},
},
Order: pulumi.Int(0),
Redirect: &lb.ListenerRuleActionRedirectArgs{
StatusCode: pulumi.String("string"),
Host: pulumi.String("string"),
Path: pulumi.String("string"),
Port: pulumi.String("string"),
Protocol: pulumi.String("string"),
Query: pulumi.String("string"),
},
TargetGroupArn: pulumi.String("string"),
},
},
Conditions: lb.ListenerRuleConditionArray{
&lb.ListenerRuleConditionArgs{
HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
HttpHeader: &lb.ListenerRuleConditionHttpHeaderArgs{
HttpHeaderName: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
HttpRequestMethod: &lb.ListenerRuleConditionHttpRequestMethodArgs{
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
PathPattern: &lb.ListenerRuleConditionPathPatternArgs{
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
QueryStrings: lb.ListenerRuleConditionQueryStringArray{
&lb.ListenerRuleConditionQueryStringArgs{
Value: pulumi.String("string"),
Key: pulumi.String("string"),
},
},
SourceIp: &lb.ListenerRuleConditionSourceIpArgs{
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
ListenerArn: pulumi.String("string"),
Priority: pulumi.Int(0),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var awsListenerRuleResource = new com.pulumi.aws.lb.ListenerRule("awsListenerRuleResource", com.pulumi.aws.lb.ListenerRuleArgs.builder()
.actions(ListenerRuleActionArgs.builder()
.type("string")
.authenticateCognito(ListenerRuleActionAuthenticateCognitoArgs.builder()
.userPoolArn("string")
.userPoolClientId("string")
.userPoolDomain("string")
.authenticationRequestExtraParams(Map.of("string", "string"))
.onUnauthenticatedRequest("string")
.scope("string")
.sessionCookieName("string")
.sessionTimeout(0)
.build())
.authenticateOidc(ListenerRuleActionAuthenticateOidcArgs.builder()
.authorizationEndpoint("string")
.clientId("string")
.clientSecret("string")
.issuer("string")
.tokenEndpoint("string")
.userInfoEndpoint("string")
.authenticationRequestExtraParams(Map.of("string", "string"))
.onUnauthenticatedRequest("string")
.scope("string")
.sessionCookieName("string")
.sessionTimeout(0)
.build())
.fixedResponse(ListenerRuleActionFixedResponseArgs.builder()
.contentType("string")
.messageBody("string")
.statusCode("string")
.build())
.forward(ListenerRuleActionForwardArgs.builder()
.targetGroups(ListenerRuleActionForwardTargetGroupArgs.builder()
.arn("string")
.weight(0)
.build())
.stickiness(ListenerRuleActionForwardStickinessArgs.builder()
.duration(0)
.enabled(false)
.build())
.build())
.order(0)
.redirect(ListenerRuleActionRedirectArgs.builder()
.statusCode("string")
.host("string")
.path("string")
.port("string")
.protocol("string")
.query("string")
.build())
.targetGroupArn("string")
.build())
.conditions(ListenerRuleConditionArgs.builder()
.hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
.values("string")
.build())
.httpHeader(ListenerRuleConditionHttpHeaderArgs.builder()
.httpHeaderName("string")
.values("string")
.build())
.httpRequestMethod(ListenerRuleConditionHttpRequestMethodArgs.builder()
.values("string")
.build())
.pathPattern(ListenerRuleConditionPathPatternArgs.builder()
.values("string")
.build())
.queryStrings(ListenerRuleConditionQueryStringArgs.builder()
.value("string")
.key("string")
.build())
.sourceIp(ListenerRuleConditionSourceIpArgs.builder()
.values("string")
.build())
.build())
.listenerArn("string")
.priority(0)
.tags(Map.of("string", "string"))
.build());
aws_listener_rule_resource = aws.lb.ListenerRule("awsListenerRuleResource",
actions=[{
"type": "string",
"authenticate_cognito": {
"user_pool_arn": "string",
"user_pool_client_id": "string",
"user_pool_domain": "string",
"authentication_request_extra_params": {
"string": "string",
},
"on_unauthenticated_request": "string",
"scope": "string",
"session_cookie_name": "string",
"session_timeout": 0,
},
"authenticate_oidc": {
"authorization_endpoint": "string",
"client_id": "string",
"client_secret": "string",
"issuer": "string",
"token_endpoint": "string",
"user_info_endpoint": "string",
"authentication_request_extra_params": {
"string": "string",
},
"on_unauthenticated_request": "string",
"scope": "string",
"session_cookie_name": "string",
"session_timeout": 0,
},
"fixed_response": {
"content_type": "string",
"message_body": "string",
"status_code": "string",
},
"forward": {
"target_groups": [{
"arn": "string",
"weight": 0,
}],
"stickiness": {
"duration": 0,
"enabled": False,
},
},
"order": 0,
"redirect": {
"status_code": "string",
"host": "string",
"path": "string",
"port": "string",
"protocol": "string",
"query": "string",
},
"target_group_arn": "string",
}],
conditions=[{
"host_header": {
"values": ["string"],
},
"http_header": {
"http_header_name": "string",
"values": ["string"],
},
"http_request_method": {
"values": ["string"],
},
"path_pattern": {
"values": ["string"],
},
"query_strings": [{
"value": "string",
"key": "string",
}],
"source_ip": {
"values": ["string"],
},
}],
listener_arn="string",
priority=0,
tags={
"string": "string",
})
const awsListenerRuleResource = new aws.lb.ListenerRule("awsListenerRuleResource", {
actions: [{
type: "string",
authenticateCognito: {
userPoolArn: "string",
userPoolClientId: "string",
userPoolDomain: "string",
authenticationRequestExtraParams: {
string: "string",
},
onUnauthenticatedRequest: "string",
scope: "string",
sessionCookieName: "string",
sessionTimeout: 0,
},
authenticateOidc: {
authorizationEndpoint: "string",
clientId: "string",
clientSecret: "string",
issuer: "string",
tokenEndpoint: "string",
userInfoEndpoint: "string",
authenticationRequestExtraParams: {
string: "string",
},
onUnauthenticatedRequest: "string",
scope: "string",
sessionCookieName: "string",
sessionTimeout: 0,
},
fixedResponse: {
contentType: "string",
messageBody: "string",
statusCode: "string",
},
forward: {
targetGroups: [{
arn: "string",
weight: 0,
}],
stickiness: {
duration: 0,
enabled: false,
},
},
order: 0,
redirect: {
statusCode: "string",
host: "string",
path: "string",
port: "string",
protocol: "string",
query: "string",
},
targetGroupArn: "string",
}],
conditions: [{
hostHeader: {
values: ["string"],
},
httpHeader: {
httpHeaderName: "string",
values: ["string"],
},
httpRequestMethod: {
values: ["string"],
},
pathPattern: {
values: ["string"],
},
queryStrings: [{
value: "string",
key: "string",
}],
sourceIp: {
values: ["string"],
},
}],
listenerArn: "string",
priority: 0,
tags: {
string: "string",
},
});
type: aws:lb:ListenerRule
properties:
actions:
- authenticateCognito:
authenticationRequestExtraParams:
string: string
onUnauthenticatedRequest: string
scope: string
sessionCookieName: string
sessionTimeout: 0
userPoolArn: string
userPoolClientId: string
userPoolDomain: string
authenticateOidc:
authenticationRequestExtraParams:
string: string
authorizationEndpoint: string
clientId: string
clientSecret: string
issuer: string
onUnauthenticatedRequest: string
scope: string
sessionCookieName: string
sessionTimeout: 0
tokenEndpoint: string
userInfoEndpoint: string
fixedResponse:
contentType: string
messageBody: string
statusCode: string
forward:
stickiness:
duration: 0
enabled: false
targetGroups:
- arn: string
weight: 0
order: 0
redirect:
host: string
path: string
port: string
protocol: string
query: string
statusCode: string
targetGroupArn: string
type: string
conditions:
- hostHeader:
values:
- string
httpHeader:
httpHeaderName: string
values:
- string
httpRequestMethod:
values:
- string
pathPattern:
values:
- string
queryStrings:
- key: string
value: string
sourceIp:
values:
- string
listenerArn: string
priority: 0
tags:
string: string
ListenerRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ListenerRule resource accepts the following input properties:
- Actions
List<Listener
Rule Action> - An Action block. Action blocks are documented below.
- Conditions
List<Listener
Rule Condition> - A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.
- Listener
Arn string - The ARN of the listener to which to attach the rule.
- Priority int
- The priority for the rule between
1and50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority. - Dictionary<string, string>
- A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- Actions
[]Listener
Rule Action Args - An Action block. Action blocks are documented below.
- Conditions
[]Listener
Rule Condition Args - A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.
- Listener
Arn string - The ARN of the listener to which to attach the rule.
- Priority int
- The priority for the rule between
1and50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority. - map[string]string
- A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- actions
List<Listener
Rule Action> - An Action block. Action blocks are documented below.
- conditions
List<Listener
Rule Condition> - A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.
- listener
Arn String - The ARN of the listener to which to attach the rule.
- priority Integer
- The priority for the rule between
1and50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority. - Map<String,String>
- A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- actions
Listener
Rule Action[] - An Action block. Action blocks are documented below.
- conditions
Listener
Rule Condition[] - A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.
- listener
Arn string - The ARN of the listener to which to attach the rule.
- priority number
- The priority for the rule between
1and50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority. - {[key: string]: string}
- A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- actions
Sequence[Listener
Rule Action Args] - An Action block. Action blocks are documented below.
- conditions
Sequence[Listener
Rule Condition Args] - A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.
- listener_
arn str - The ARN of the listener to which to attach the rule.
- priority int
- The priority for the rule between
1and50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority. - Mapping[str, str]
- A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- actions List<Property Map>
- An Action block. Action blocks are documented below.
- conditions List<Property Map>
- A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.
- listener
Arn String - The ARN of the listener to which to attach the rule.
- priority Number
- The priority for the rule between
1and50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority. - Map<String>
- A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
Outputs
All input properties are implicitly available as output properties. Additionally, the ListenerRule resource produces the following output properties:
Look up Existing ListenerRule Resource
Get an existing ListenerRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ListenerRuleState, opts?: CustomResourceOptions): ListenerRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
actions: Optional[Sequence[ListenerRuleActionArgs]] = None,
arn: Optional[str] = None,
conditions: Optional[Sequence[ListenerRuleConditionArgs]] = None,
listener_arn: Optional[str] = None,
priority: Optional[int] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None) -> ListenerRulefunc GetListenerRule(ctx *Context, name string, id IDInput, state *ListenerRuleState, opts ...ResourceOption) (*ListenerRule, error)public static ListenerRule Get(string name, Input<string> id, ListenerRuleState? state, CustomResourceOptions? opts = null)public static ListenerRule get(String name, Output<String> id, ListenerRuleState state, CustomResourceOptions options)resources: _: type: aws:lb:ListenerRule get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Actions
List<Listener
Rule Action> - An Action block. Action blocks are documented below.
- Arn string
- The ARN of the rule (matches
id) - Conditions
List<Listener
Rule Condition> - A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.
- Listener
Arn string - The ARN of the listener to which to attach the rule.
- Priority int
- The priority for the rule between
1and50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority. - Dictionary<string, string>
- A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Dictionary<string, string>
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- Actions
[]Listener
Rule Action Args - An Action block. Action blocks are documented below.
- Arn string
- The ARN of the rule (matches
id) - Conditions
[]Listener
Rule Condition Args - A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.
- Listener
Arn string - The ARN of the listener to which to attach the rule.
- Priority int
- The priority for the rule between
1and50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority. - map[string]string
- A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - map[string]string
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- actions
List<Listener
Rule Action> - An Action block. Action blocks are documented below.
- arn String
- The ARN of the rule (matches
id) - conditions
List<Listener
Rule Condition> - A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.
- listener
Arn String - The ARN of the listener to which to attach the rule.
- priority Integer
- The priority for the rule between
1and50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority. - Map<String,String>
- A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String,String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- actions
Listener
Rule Action[] - An Action block. Action blocks are documented below.
- arn string
- The ARN of the rule (matches
id) - conditions
Listener
Rule Condition[] - A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.
- listener
Arn string - The ARN of the listener to which to attach the rule.
- priority number
- The priority for the rule between
1and50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority. - {[key: string]: string}
- A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - {[key: string]: string}
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- actions
Sequence[Listener
Rule Action Args] - An Action block. Action blocks are documented below.
- arn str
- The ARN of the rule (matches
id) - conditions
Sequence[Listener
Rule Condition Args] - A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.
- listener_
arn str - The ARN of the listener to which to attach the rule.
- priority int
- The priority for the rule between
1and50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority. - Mapping[str, str]
- A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Mapping[str, str]
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- actions List<Property Map>
- An Action block. Action blocks are documented below.
- arn String
- The ARN of the rule (matches
id) - conditions List<Property Map>
- A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.
- listener
Arn String - The ARN of the listener to which to attach the rule.
- priority Number
- The priority for the rule between
1and50000. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority. - Map<String>
- A map of tags to assign to the resource. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
Supporting Types
ListenerRuleAction, ListenerRuleActionArgs
- Type string
- The type of routing action. Valid values are
forward,redirect,fixed-response,authenticate-cognitoandauthenticate-oidc. - Authenticate
Cognito ListenerRule Action Authenticate Cognito - Information for creating an authenticate action using Cognito. Required if
typeisauthenticate-cognito. - Authenticate
Oidc ListenerRule Action Authenticate Oidc - Information for creating an authenticate action using OIDC. Required if
typeisauthenticate-oidc. - Fixed
Response ListenerRule Action Fixed Response - Information for creating an action that returns a custom HTTP response. Required if
typeisfixed-response. - Forward
Listener
Rule Action Forward - Configuration block for creating an action that distributes requests among one or more target groups.
Specify only if
typeisforward. Cannot be specified withtarget_group_arn. - Order int
- Order for the action.
The action with the lowest value for order is performed first.
Valid values are between
1and50000. Defaults to the position in the list of actions. - Redirect
Listener
Rule Action Redirect - Information for creating a redirect action. Required if
typeisredirect. - Target
Group stringArn - ARN of the Target Group to which to route traffic.
Specify only if
typeisforwardand you want to route to a single target group. To route to one or more target groups, use aforwardblock instead. Cannot be specified withforward.
- Type string
- The type of routing action. Valid values are
forward,redirect,fixed-response,authenticate-cognitoandauthenticate-oidc. - Authenticate
Cognito ListenerRule Action Authenticate Cognito - Information for creating an authenticate action using Cognito. Required if
typeisauthenticate-cognito. - Authenticate
Oidc ListenerRule Action Authenticate Oidc - Information for creating an authenticate action using OIDC. Required if
typeisauthenticate-oidc. - Fixed
Response ListenerRule Action Fixed Response - Information for creating an action that returns a custom HTTP response. Required if
typeisfixed-response. - Forward
Listener
Rule Action Forward - Configuration block for creating an action that distributes requests among one or more target groups.
Specify only if
typeisforward. Cannot be specified withtarget_group_arn. - Order int
- Order for the action.
The action with the lowest value for order is performed first.
Valid values are between
1and50000. Defaults to the position in the list of actions. - Redirect
Listener
Rule Action Redirect - Information for creating a redirect action. Required if
typeisredirect. - Target
Group stringArn - ARN of the Target Group to which to route traffic.
Specify only if
typeisforwardand you want to route to a single target group. To route to one or more target groups, use aforwardblock instead. Cannot be specified withforward.
- type String
- The type of routing action. Valid values are
forward,redirect,fixed-response,authenticate-cognitoandauthenticate-oidc. - authenticate
Cognito ListenerRule Action Authenticate Cognito - Information for creating an authenticate action using Cognito. Required if
typeisauthenticate-cognito. - authenticate
Oidc ListenerRule Action Authenticate Oidc - Information for creating an authenticate action using OIDC. Required if
typeisauthenticate-oidc. - fixed
Response ListenerRule Action Fixed Response - Information for creating an action that returns a custom HTTP response. Required if
typeisfixed-response. - forward
Listener
Rule Action Forward - Configuration block for creating an action that distributes requests among one or more target groups.
Specify only if
typeisforward. Cannot be specified withtarget_group_arn. - order Integer
- Order for the action.
The action with the lowest value for order is performed first.
Valid values are between
1and50000. Defaults to the position in the list of actions. - redirect
Listener
Rule Action Redirect - Information for creating a redirect action. Required if
typeisredirect. - target
Group StringArn - ARN of the Target Group to which to route traffic.
Specify only if
typeisforwardand you want to route to a single target group. To route to one or more target groups, use aforwardblock instead. Cannot be specified withforward.
- type string
- The type of routing action. Valid values are
forward,redirect,fixed-response,authenticate-cognitoandauthenticate-oidc. - authenticate
Cognito ListenerRule Action Authenticate Cognito - Information for creating an authenticate action using Cognito. Required if
typeisauthenticate-cognito. - authenticate
Oidc ListenerRule Action Authenticate Oidc - Information for creating an authenticate action using OIDC. Required if
typeisauthenticate-oidc. - fixed
Response ListenerRule Action Fixed Response - Information for creating an action that returns a custom HTTP response. Required if
typeisfixed-response. - forward
Listener
Rule Action Forward - Configuration block for creating an action that distributes requests among one or more target groups.
Specify only if
typeisforward. Cannot be specified withtarget_group_arn. - order number
- Order for the action.
The action with the lowest value for order is performed first.
Valid values are between
1and50000. Defaults to the position in the list of actions. - redirect
Listener
Rule Action Redirect - Information for creating a redirect action. Required if
typeisredirect. - target
Group stringArn - ARN of the Target Group to which to route traffic.
Specify only if
typeisforwardand you want to route to a single target group. To route to one or more target groups, use aforwardblock instead. Cannot be specified withforward.
- type str
- The type of routing action. Valid values are
forward,redirect,fixed-response,authenticate-cognitoandauthenticate-oidc. - authenticate_
cognito ListenerRule Action Authenticate Cognito - Information for creating an authenticate action using Cognito. Required if
typeisauthenticate-cognito. - authenticate_
oidc ListenerRule Action Authenticate Oidc - Information for creating an authenticate action using OIDC. Required if
typeisauthenticate-oidc. - fixed_
response ListenerRule Action Fixed Response - Information for creating an action that returns a custom HTTP response. Required if
typeisfixed-response. - forward
Listener
Rule Action Forward - Configuration block for creating an action that distributes requests among one or more target groups.
Specify only if
typeisforward. Cannot be specified withtarget_group_arn. - order int
- Order for the action.
The action with the lowest value for order is performed first.
Valid values are between
1and50000. Defaults to the position in the list of actions. - redirect
Listener
Rule Action Redirect - Information for creating a redirect action. Required if
typeisredirect. - target_
group_ strarn - ARN of the Target Group to which to route traffic.
Specify only if
typeisforwardand you want to route to a single target group. To route to one or more target groups, use aforwardblock instead. Cannot be specified withforward.
- type String
- The type of routing action. Valid values are
forward,redirect,fixed-response,authenticate-cognitoandauthenticate-oidc. - authenticate
Cognito Property Map - Information for creating an authenticate action using Cognito. Required if
typeisauthenticate-cognito. - authenticate
Oidc Property Map - Information for creating an authenticate action using OIDC. Required if
typeisauthenticate-oidc. - fixed
Response Property Map - Information for creating an action that returns a custom HTTP response. Required if
typeisfixed-response. - forward Property Map
- Configuration block for creating an action that distributes requests among one or more target groups.
Specify only if
typeisforward. Cannot be specified withtarget_group_arn. - order Number
- Order for the action.
The action with the lowest value for order is performed first.
Valid values are between
1and50000. Defaults to the position in the list of actions. - redirect Property Map
- Information for creating a redirect action. Required if
typeisredirect. - target
Group StringArn - ARN of the Target Group to which to route traffic.
Specify only if
typeisforwardand you want to route to a single target group. To route to one or more target groups, use aforwardblock instead. Cannot be specified withforward.
ListenerRuleActionAuthenticateCognito, ListenerRuleActionAuthenticateCognitoArgs
- User
Pool stringArn - The ARN of the Cognito user pool.
- User
Pool stringClient Id - The ID of the Cognito user pool client.
- User
Pool stringDomain - The domain prefix or fully-qualified domain name of the Cognito user pool.
- Authentication
Request Dictionary<string, string>Extra Params - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- On
Unauthenticated stringRequest - The behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate - Scope string
- The set of user claims to be requested from the IdP.
- string
- The name of the cookie used to maintain session information.
- Session
Timeout int - The maximum duration of the authentication session, in seconds.
- User
Pool stringArn - The ARN of the Cognito user pool.
- User
Pool stringClient Id - The ID of the Cognito user pool client.
- User
Pool stringDomain - The domain prefix or fully-qualified domain name of the Cognito user pool.
- Authentication
Request map[string]stringExtra Params - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- On
Unauthenticated stringRequest - The behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate - Scope string
- The set of user claims to be requested from the IdP.
- string
- The name of the cookie used to maintain session information.
- Session
Timeout int - The maximum duration of the authentication session, in seconds.
- user
Pool StringArn - The ARN of the Cognito user pool.
- user
Pool StringClient Id - The ID of the Cognito user pool client.
- user
Pool StringDomain - The domain prefix or fully-qualified domain name of the Cognito user pool.
- authentication
Request Map<String,String>Extra Params - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- on
Unauthenticated StringRequest - The behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate - scope String
- The set of user claims to be requested from the IdP.
- String
- The name of the cookie used to maintain session information.
- session
Timeout Integer - The maximum duration of the authentication session, in seconds.
- user
Pool stringArn - The ARN of the Cognito user pool.
- user
Pool stringClient Id - The ID of the Cognito user pool client.
- user
Pool stringDomain - The domain prefix or fully-qualified domain name of the Cognito user pool.
- authentication
Request {[key: string]: string}Extra Params - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- on
Unauthenticated stringRequest - The behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate - scope string
- The set of user claims to be requested from the IdP.
- string
- The name of the cookie used to maintain session information.
- session
Timeout number - The maximum duration of the authentication session, in seconds.
- user_
pool_ strarn - The ARN of the Cognito user pool.
- user_
pool_ strclient_ id - The ID of the Cognito user pool client.
- user_
pool_ strdomain - The domain prefix or fully-qualified domain name of the Cognito user pool.
- authentication_
request_ Mapping[str, str]extra_ params - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- on_
unauthenticated_ strrequest - The behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate - scope str
- The set of user claims to be requested from the IdP.
- str
- The name of the cookie used to maintain session information.
- session_
timeout int - The maximum duration of the authentication session, in seconds.
- user
Pool StringArn - The ARN of the Cognito user pool.
- user
Pool StringClient Id - The ID of the Cognito user pool client.
- user
Pool StringDomain - The domain prefix or fully-qualified domain name of the Cognito user pool.
- authentication
Request Map<String>Extra Params - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- on
Unauthenticated StringRequest - The behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate - scope String
- The set of user claims to be requested from the IdP.
- String
- The name of the cookie used to maintain session information.
- session
Timeout Number - The maximum duration of the authentication session, in seconds.
ListenerRuleActionAuthenticateOidc, ListenerRuleActionAuthenticateOidcArgs
- string
- The authorization endpoint of the IdP.
- Client
Id string - The OAuth 2.0 client identifier.
- Client
Secret string - The OAuth 2.0 client secret.
- Issuer string
- The OIDC issuer identifier of the IdP.
- Token
Endpoint string - The token endpoint of the IdP.
- User
Info stringEndpoint - The user info endpoint of the IdP.
- Authentication
Request Dictionary<string, string>Extra Params - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- On
Unauthenticated stringRequest - The behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate - Scope string
- The set of user claims to be requested from the IdP.
- string
- The name of the cookie used to maintain session information.
- Session
Timeout int - The maximum duration of the authentication session, in seconds.
- string
- The authorization endpoint of the IdP.
- Client
Id string - The OAuth 2.0 client identifier.
- Client
Secret string - The OAuth 2.0 client secret.
- Issuer string
- The OIDC issuer identifier of the IdP.
- Token
Endpoint string - The token endpoint of the IdP.
- User
Info stringEndpoint - The user info endpoint of the IdP.
- Authentication
Request map[string]stringExtra Params - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- On
Unauthenticated stringRequest - The behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate - Scope string
- The set of user claims to be requested from the IdP.
- string
- The name of the cookie used to maintain session information.
- Session
Timeout int - The maximum duration of the authentication session, in seconds.
- String
- The authorization endpoint of the IdP.
- client
Id String - The OAuth 2.0 client identifier.
- client
Secret String - The OAuth 2.0 client secret.
- issuer String
- The OIDC issuer identifier of the IdP.
- token
Endpoint String - The token endpoint of the IdP.
- user
Info StringEndpoint - The user info endpoint of the IdP.
- authentication
Request Map<String,String>Extra Params - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- on
Unauthenticated StringRequest - The behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate - scope String
- The set of user claims to be requested from the IdP.
- String
- The name of the cookie used to maintain session information.
- session
Timeout Integer - The maximum duration of the authentication session, in seconds.
- string
- The authorization endpoint of the IdP.
- client
Id string - The OAuth 2.0 client identifier.
- client
Secret string - The OAuth 2.0 client secret.
- issuer string
- The OIDC issuer identifier of the IdP.
- token
Endpoint string - The token endpoint of the IdP.
- user
Info stringEndpoint - The user info endpoint of the IdP.
- authentication
Request {[key: string]: string}Extra Params - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- on
Unauthenticated stringRequest - The behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate - scope string
- The set of user claims to be requested from the IdP.
- string
- The name of the cookie used to maintain session information.
- session
Timeout number - The maximum duration of the authentication session, in seconds.
- str
- The authorization endpoint of the IdP.
- client_
id str - The OAuth 2.0 client identifier.
- client_
secret str - The OAuth 2.0 client secret.
- issuer str
- The OIDC issuer identifier of the IdP.
- token_
endpoint str - The token endpoint of the IdP.
- user_
info_ strendpoint - The user info endpoint of the IdP.
- authentication_
request_ Mapping[str, str]extra_ params - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- on_
unauthenticated_ strrequest - The behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate - scope str
- The set of user claims to be requested from the IdP.
- str
- The name of the cookie used to maintain session information.
- session_
timeout int - The maximum duration of the authentication session, in seconds.
- String
- The authorization endpoint of the IdP.
- client
Id String - The OAuth 2.0 client identifier.
- client
Secret String - The OAuth 2.0 client secret.
- issuer String
- The OIDC issuer identifier of the IdP.
- token
Endpoint String - The token endpoint of the IdP.
- user
Info StringEndpoint - The user info endpoint of the IdP.
- authentication
Request Map<String>Extra Params - The query parameters to include in the redirect request to the authorization endpoint. Max: 10.
- on
Unauthenticated StringRequest - The behavior if the user is not authenticated. Valid values:
deny,allowandauthenticate - scope String
- The set of user claims to be requested from the IdP.
- String
- The name of the cookie used to maintain session information.
- session
Timeout Number - The maximum duration of the authentication session, in seconds.
ListenerRuleActionFixedResponse, ListenerRuleActionFixedResponseArgs
- Content
Type string - The content type. Valid values are
text/plain,text/css,text/html,application/javascriptandapplication/json. - Message
Body string - The message body.
- Status
Code string - The HTTP response code. Valid values are
2XX,4XX, or5XX.
- Content
Type string - The content type. Valid values are
text/plain,text/css,text/html,application/javascriptandapplication/json. - Message
Body string - The message body.
- Status
Code string - The HTTP response code. Valid values are
2XX,4XX, or5XX.
- content
Type String - The content type. Valid values are
text/plain,text/css,text/html,application/javascriptandapplication/json. - message
Body String - The message body.
- status
Code String - The HTTP response code. Valid values are
2XX,4XX, or5XX.
- content
Type string - The content type. Valid values are
text/plain,text/css,text/html,application/javascriptandapplication/json. - message
Body string - The message body.
- status
Code string - The HTTP response code. Valid values are
2XX,4XX, or5XX.
- content_
type str - The content type. Valid values are
text/plain,text/css,text/html,application/javascriptandapplication/json. - message_
body str - The message body.
- status_
code str - The HTTP response code. Valid values are
2XX,4XX, or5XX.
- content
Type String - The content type. Valid values are
text/plain,text/css,text/html,application/javascriptandapplication/json. - message
Body String - The message body.
- status
Code String - The HTTP response code. Valid values are
2XX,4XX, or5XX.
ListenerRuleActionForward, ListenerRuleActionForwardArgs
- Target
Groups List<ListenerRule Action Forward Target Group> - One or more target group blocks.
- Stickiness
Listener
Rule Action Forward Stickiness - The target group stickiness for the rule.
- Target
Groups []ListenerRule Action Forward Target Group - One or more target group blocks.
- Stickiness
Listener
Rule Action Forward Stickiness - The target group stickiness for the rule.
- target
Groups List<ListenerRule Action Forward Target Group> - One or more target group blocks.
- stickiness
Listener
Rule Action Forward Stickiness - The target group stickiness for the rule.
- target
Groups ListenerRule Action Forward Target Group[] - One or more target group blocks.
- stickiness
Listener
Rule Action Forward Stickiness - The target group stickiness for the rule.
- target_
groups Sequence[ListenerRule Action Forward Target Group] - One or more target group blocks.
- stickiness
Listener
Rule Action Forward Stickiness - The target group stickiness for the rule.
- target
Groups List<Property Map> - One or more target group blocks.
- stickiness Property Map
- The target group stickiness for the rule.
ListenerRuleActionForwardStickiness, ListenerRuleActionForwardStickinessArgs
ListenerRuleActionForwardTargetGroup, ListenerRuleActionForwardTargetGroupArgs
ListenerRuleActionRedirect, ListenerRuleActionRedirectArgs
- Status
Code string - The HTTP redirect code. The redirect is either permanent (
HTTP_301) or temporary (HTTP_302). - Host string
- The hostname. This component is not percent-encoded. The hostname can contain
#{host}. Defaults to#{host}. - Path string
- The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to
/#{path}. - Port string
- The port. Specify a value from
1to65535or#{port}. Defaults to#{port}. - Protocol string
- The protocol. Valid values are
HTTP,HTTPS, or#{protocol}. Defaults to#{protocol}. - Query string
- The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to
#{query}.
- Status
Code string - The HTTP redirect code. The redirect is either permanent (
HTTP_301) or temporary (HTTP_302). - Host string
- The hostname. This component is not percent-encoded. The hostname can contain
#{host}. Defaults to#{host}. - Path string
- The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to
/#{path}. - Port string
- The port. Specify a value from
1to65535or#{port}. Defaults to#{port}. - Protocol string
- The protocol. Valid values are
HTTP,HTTPS, or#{protocol}. Defaults to#{protocol}. - Query string
- The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to
#{query}.
- status
Code String - The HTTP redirect code. The redirect is either permanent (
HTTP_301) or temporary (HTTP_302). - host String
- The hostname. This component is not percent-encoded. The hostname can contain
#{host}. Defaults to#{host}. - path String
- The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to
/#{path}. - port String
- The port. Specify a value from
1to65535or#{port}. Defaults to#{port}. - protocol String
- The protocol. Valid values are
HTTP,HTTPS, or#{protocol}. Defaults to#{protocol}. - query String
- The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to
#{query}.
- status
Code string - The HTTP redirect code. The redirect is either permanent (
HTTP_301) or temporary (HTTP_302). - host string
- The hostname. This component is not percent-encoded. The hostname can contain
#{host}. Defaults to#{host}. - path string
- The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to
/#{path}. - port string
- The port. Specify a value from
1to65535or#{port}. Defaults to#{port}. - protocol string
- The protocol. Valid values are
HTTP,HTTPS, or#{protocol}. Defaults to#{protocol}. - query string
- The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to
#{query}.
- status_
code str - The HTTP redirect code. The redirect is either permanent (
HTTP_301) or temporary (HTTP_302). - host str
- The hostname. This component is not percent-encoded. The hostname can contain
#{host}. Defaults to#{host}. - path str
- The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to
/#{path}. - port str
- The port. Specify a value from
1to65535or#{port}. Defaults to#{port}. - protocol str
- The protocol. Valid values are
HTTP,HTTPS, or#{protocol}. Defaults to#{protocol}. - query str
- The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to
#{query}.
- status
Code String - The HTTP redirect code. The redirect is either permanent (
HTTP_301) or temporary (HTTP_302). - host String
- The hostname. This component is not percent-encoded. The hostname can contain
#{host}. Defaults to#{host}. - path String
- The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to
/#{path}. - port String
- The port. Specify a value from
1to65535or#{port}. Defaults to#{port}. - protocol String
- The protocol. Valid values are
HTTP,HTTPS, or#{protocol}. Defaults to#{protocol}. - query String
- The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to
#{query}.
ListenerRuleCondition, ListenerRuleConditionArgs
- Host
Header ListenerRule Condition Host Header - Contains a single
valuesitem which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. - Http
Header ListenerRule Condition Http Header - HTTP headers to match. HTTP Header block fields documented below.
- Http
Request ListenerMethod Rule Condition Http Request Method - Contains a single
valuesitem which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached. - Path
Pattern ListenerRule Condition Path Pattern - Contains a single
valuesitem which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use aquery_stringcondition. - Query
Strings List<ListenerRule Condition Query String> - Query strings to match. Query String block fields documented below.
- Source
Ip ListenerRule Condition Source Ip Contains a single
valuesitem which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in theX-Forwarded-Forheader, usehttp_headercondition instead.NOTE:: Exactly one of
host_header,http_header,http_request_method,path_pattern,query_stringorsource_ipmust be set per condition.
- Host
Header ListenerRule Condition Host Header - Contains a single
valuesitem which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. - Http
Header ListenerRule Condition Http Header - HTTP headers to match. HTTP Header block fields documented below.
- Http
Request ListenerMethod Rule Condition Http Request Method - Contains a single
valuesitem which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached. - Path
Pattern ListenerRule Condition Path Pattern - Contains a single
valuesitem which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use aquery_stringcondition. - Query
Strings []ListenerRule Condition Query String - Query strings to match. Query String block fields documented below.
- Source
Ip ListenerRule Condition Source Ip Contains a single
valuesitem which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in theX-Forwarded-Forheader, usehttp_headercondition instead.NOTE:: Exactly one of
host_header,http_header,http_request_method,path_pattern,query_stringorsource_ipmust be set per condition.
- host
Header ListenerRule Condition Host Header - Contains a single
valuesitem which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. - http
Header ListenerRule Condition Http Header - HTTP headers to match. HTTP Header block fields documented below.
- http
Request ListenerMethod Rule Condition Http Request Method - Contains a single
valuesitem which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached. - path
Pattern ListenerRule Condition Path Pattern - Contains a single
valuesitem which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use aquery_stringcondition. - query
Strings List<ListenerRule Condition Query String> - Query strings to match. Query String block fields documented below.
- source
Ip ListenerRule Condition Source Ip Contains a single
valuesitem which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in theX-Forwarded-Forheader, usehttp_headercondition instead.NOTE:: Exactly one of
host_header,http_header,http_request_method,path_pattern,query_stringorsource_ipmust be set per condition.
- host
Header ListenerRule Condition Host Header - Contains a single
valuesitem which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. - http
Header ListenerRule Condition Http Header - HTTP headers to match. HTTP Header block fields documented below.
- http
Request ListenerMethod Rule Condition Http Request Method - Contains a single
valuesitem which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached. - path
Pattern ListenerRule Condition Path Pattern - Contains a single
valuesitem which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use aquery_stringcondition. - query
Strings ListenerRule Condition Query String[] - Query strings to match. Query String block fields documented below.
- source
Ip ListenerRule Condition Source Ip Contains a single
valuesitem which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in theX-Forwarded-Forheader, usehttp_headercondition instead.NOTE:: Exactly one of
host_header,http_header,http_request_method,path_pattern,query_stringorsource_ipmust be set per condition.
- host_
header ListenerRule Condition Host Header - Contains a single
valuesitem which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. - http_
header ListenerRule Condition Http Header - HTTP headers to match. HTTP Header block fields documented below.
- http_
request_ Listenermethod Rule Condition Http Request Method - Contains a single
valuesitem which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached. - path_
pattern ListenerRule Condition Path Pattern - Contains a single
valuesitem which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use aquery_stringcondition. - query_
strings Sequence[ListenerRule Condition Query String] - Query strings to match. Query String block fields documented below.
- source_
ip ListenerRule Condition Source Ip Contains a single
valuesitem which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in theX-Forwarded-Forheader, usehttp_headercondition instead.NOTE:: Exactly one of
host_header,http_header,http_request_method,path_pattern,query_stringorsource_ipmust be set per condition.
- host
Header Property Map - Contains a single
valuesitem which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. - http
Header Property Map - HTTP headers to match. HTTP Header block fields documented below.
- http
Request Property MapMethod - Contains a single
valuesitem which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached. - path
Pattern Property Map - Contains a single
valuesitem which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use aquery_stringcondition. - query
Strings List<Property Map> - Query strings to match. Query String block fields documented below.
- source
Ip Property Map Contains a single
valuesitem which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in theX-Forwarded-Forheader, usehttp_headercondition instead.NOTE:: Exactly one of
host_header,http_header,http_request_method,path_pattern,query_stringorsource_ipmust be set per condition.
ListenerRuleConditionHostHeader, ListenerRuleConditionHostHeaderArgs
- Values List<string>
- Values []string
- values List<String>
- values string[]
- values Sequence[str]
- values List<String>
ListenerRuleConditionHttpHeader, ListenerRuleConditionHttpHeaderArgs
- Http
Header stringName - Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a
host-headercondition instead. - Values List<string>
- List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.
- Http
Header stringName - Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a
host-headercondition instead. - Values []string
- List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.
- http
Header StringName - Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a
host-headercondition instead. - values List<String>
- List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.
- http
Header stringName - Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a
host-headercondition instead. - values string[]
- List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.
- http_
header_ strname - Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a
host-headercondition instead. - values Sequence[str]
- List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.
- http
Header StringName - Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a
host-headercondition instead. - values List<String>
- List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string.
ListenerRuleConditionHttpRequestMethod, ListenerRuleConditionHttpRequestMethodArgs
- Values List<string>
- Values []string
- values List<String>
- values string[]
- values Sequence[str]
- values List<String>
ListenerRuleConditionPathPattern, ListenerRuleConditionPathPatternArgs
- Values List<string>
- Values []string
- values List<String>
- values string[]
- values Sequence[str]
- values List<String>
ListenerRuleConditionQueryString, ListenerRuleConditionQueryStringArgs
ListenerRuleConditionSourceIp, ListenerRuleConditionSourceIpArgs
- Values List<string>
- Values []string
- values List<String>
- values string[]
- values Sequence[str]
- values List<String>
Import
Using pulumi import, import rules using their ARN. For example:
$ pulumi import aws:lb/listenerRule:ListenerRule front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.