awsx.lb.ApplicationLoadBalancer
Explore with Pulumi AI
Provides an Application Load Balancer resource with listeners, default target group and default security group.
Create ApplicationLoadBalancer Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ApplicationLoadBalancer(name: string, args?: ApplicationLoadBalancerArgs, opts?: ComponentResourceOptions);@overload
def ApplicationLoadBalancer(resource_name: str,
                            args: Optional[ApplicationLoadBalancerArgs] = None,
                            opts: Optional[ResourceOptions] = None)
@overload
def ApplicationLoadBalancer(resource_name: str,
                            opts: Optional[ResourceOptions] = None,
                            access_logs: Optional[pulumi_aws.lb.LoadBalancerAccessLogsArgs] = None,
                            client_keep_alive: Optional[int] = None,
                            connection_logs: Optional[pulumi_aws.lb.LoadBalancerConnectionLogsArgs] = None,
                            customer_owned_ipv4_pool: Optional[str] = None,
                            default_security_group: Optional[_awsx.DefaultSecurityGroupArgs] = None,
                            default_target_group: Optional[TargetGroupArgs] = None,
                            default_target_group_port: Optional[int] = None,
                            desync_mitigation_mode: Optional[str] = None,
                            dns_record_client_routing_policy: Optional[str] = None,
                            drop_invalid_header_fields: Optional[bool] = None,
                            enable_deletion_protection: Optional[bool] = None,
                            enable_http2: Optional[bool] = None,
                            enable_tls_version_and_cipher_suite_headers: Optional[bool] = None,
                            enable_waf_fail_open: Optional[bool] = None,
                            enable_xff_client_port: Optional[bool] = None,
                            enable_zonal_shift: Optional[bool] = None,
                            enforce_security_group_inbound_rules_on_private_link_traffic: Optional[str] = None,
                            idle_timeout: Optional[int] = None,
                            internal: Optional[bool] = None,
                            ip_address_type: Optional[str] = None,
                            listener: Optional[ListenerArgs] = None,
                            listeners: Optional[Sequence[ListenerArgs]] = None,
                            name: Optional[str] = None,
                            name_prefix: Optional[str] = None,
                            preserve_host_header: Optional[bool] = None,
                            security_groups: Optional[Sequence[str]] = None,
                            subnet_ids: Optional[Sequence[str]] = None,
                            subnet_mappings: Optional[Sequence[pulumi_aws.lb.LoadBalancerSubnetMappingArgs]] = None,
                            subnets: Optional[Sequence[pulumi_aws.ec2.Subnet]] = None,
                            tags: Optional[Mapping[str, str]] = None,
                            xff_header_processing_mode: Optional[str] = None)func NewApplicationLoadBalancer(ctx *Context, name string, args *ApplicationLoadBalancerArgs, opts ...ResourceOption) (*ApplicationLoadBalancer, error)public ApplicationLoadBalancer(string name, ApplicationLoadBalancerArgs? args = null, ComponentResourceOptions? opts = null)
public ApplicationLoadBalancer(String name, ApplicationLoadBalancerArgs args)
public ApplicationLoadBalancer(String name, ApplicationLoadBalancerArgs args, ComponentResourceOptions options)
type: awsx:lb:ApplicationLoadBalancer
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ApplicationLoadBalancerArgs
- The arguments to resource properties.
- opts ComponentResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ApplicationLoadBalancerArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ApplicationLoadBalancerArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ApplicationLoadBalancerArgs
- The arguments to resource properties.
- opts ComponentResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ApplicationLoadBalancerArgs
- The arguments to resource properties.
- options ComponentResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var applicationLoadBalancerResource = new Awsx.Lb.ApplicationLoadBalancer("applicationLoadBalancerResource", new()
{
    AccessLogs = new Aws.LB.Inputs.LoadBalancerAccessLogsArgs
    {
        Bucket = "string",
        Enabled = false,
        Prefix = "string",
    },
    ClientKeepAlive = 0,
    ConnectionLogs = new Aws.LB.Inputs.LoadBalancerConnectionLogsArgs
    {
        Bucket = "string",
        Enabled = false,
        Prefix = "string",
    },
    CustomerOwnedIpv4Pool = "string",
    DefaultSecurityGroup = new Awsx.Awsx.Inputs.DefaultSecurityGroupArgs
    {
        Args = new Awsx.Awsx.Inputs.SecurityGroupArgs
        {
            Description = "string",
            Egress = new()
            {
                new Aws.Ec2.Inputs.SecurityGroupEgressArgs
                {
                    FromPort = 0,
                    Protocol = "string",
                    ToPort = 0,
                    CidrBlocks = new()
                    {
                        "string",
                    },
                    Description = "string",
                    Ipv6CidrBlocks = new()
                    {
                        "string",
                    },
                    PrefixListIds = new()
                    {
                        "string",
                    },
                    SecurityGroups = new()
                    {
                        "string",
                    },
                    Self = false,
                },
            },
            Ingress = new()
            {
                new Aws.Ec2.Inputs.SecurityGroupIngressArgs
                {
                    FromPort = 0,
                    Protocol = "string",
                    ToPort = 0,
                    CidrBlocks = new()
                    {
                        "string",
                    },
                    Description = "string",
                    Ipv6CidrBlocks = new()
                    {
                        "string",
                    },
                    PrefixListIds = new()
                    {
                        "string",
                    },
                    SecurityGroups = new()
                    {
                        "string",
                    },
                    Self = false,
                },
            },
            Name = "string",
            NamePrefix = "string",
            RevokeRulesOnDelete = false,
            Tags = 
            {
                { "string", "string" },
            },
            VpcId = "string",
        },
        SecurityGroupId = "string",
        Skip = false,
    },
    DefaultTargetGroup = new Awsx.Lb.Inputs.TargetGroupArgs
    {
        ConnectionTermination = false,
        DeregistrationDelay = 0,
        HealthCheck = new Aws.LB.Inputs.TargetGroupHealthCheckArgs
        {
            Enabled = false,
            HealthyThreshold = 0,
            Interval = 0,
            Matcher = "string",
            Path = "string",
            Port = "string",
            Protocol = "string",
            Timeout = 0,
            UnhealthyThreshold = 0,
        },
        IpAddressType = "string",
        LambdaMultiValueHeadersEnabled = false,
        LoadBalancingAlgorithmType = "string",
        LoadBalancingAnomalyMitigation = "string",
        LoadBalancingCrossZoneEnabled = "string",
        Name = "string",
        NamePrefix = "string",
        Port = 0,
        PreserveClientIp = "string",
        Protocol = "string",
        ProtocolVersion = "string",
        ProxyProtocolV2 = false,
        SlowStart = 0,
        Stickiness = new Aws.LB.Inputs.TargetGroupStickinessArgs
        {
            Type = "string",
            CookieDuration = 0,
            CookieName = "string",
            Enabled = false,
        },
        Tags = 
        {
            { "string", "string" },
        },
        TargetFailovers = new()
        {
            new Aws.LB.Inputs.TargetGroupTargetFailoverArgs
            {
                OnDeregistration = "string",
                OnUnhealthy = "string",
            },
        },
        TargetGroupHealth = new Aws.LB.Inputs.TargetGroupTargetGroupHealthArgs
        {
            DnsFailover = new Aws.LB.Inputs.TargetGroupTargetGroupHealthDnsFailoverArgs
            {
                MinimumHealthyTargetsCount = "string",
                MinimumHealthyTargetsPercentage = "string",
            },
            UnhealthyStateRouting = new Aws.LB.Inputs.TargetGroupTargetGroupHealthUnhealthyStateRoutingArgs
            {
                MinimumHealthyTargetsCount = 0,
                MinimumHealthyTargetsPercentage = "string",
            },
        },
        TargetHealthStates = new()
        {
            new Aws.LB.Inputs.TargetGroupTargetHealthStateArgs
            {
                EnableUnhealthyConnectionTermination = false,
                UnhealthyDrainingInterval = 0,
            },
        },
        TargetType = "string",
        VpcId = "string",
    },
    DefaultTargetGroupPort = 0,
    DesyncMitigationMode = "string",
    DnsRecordClientRoutingPolicy = "string",
    DropInvalidHeaderFields = false,
    EnableDeletionProtection = false,
    EnableHttp2 = false,
    EnableTlsVersionAndCipherSuiteHeaders = false,
    EnableWafFailOpen = false,
    EnableXffClientPort = false,
    EnableZonalShift = false,
    EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic = "string",
    IdleTimeout = 0,
    Internal = false,
    IpAddressType = "string",
    Listener = new Awsx.Lb.Inputs.ListenerArgs
    {
        AlpnPolicy = "string",
        CertificateArn = "string",
        DefaultActions = new()
        {
            new Aws.LB.Inputs.ListenerDefaultActionArgs
            {
                Type = "string",
                AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs
                {
                    UserPoolArn = "string",
                    UserPoolClientId = "string",
                    UserPoolDomain = "string",
                    AuthenticationRequestExtraParams = 
                    {
                        { "string", "string" },
                    },
                    OnUnauthenticatedRequest = "string",
                    Scope = "string",
                    SessionCookieName = "string",
                    SessionTimeout = 0,
                },
                AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs
                {
                    AuthorizationEndpoint = "string",
                    ClientId = "string",
                    ClientSecret = "string",
                    Issuer = "string",
                    TokenEndpoint = "string",
                    UserInfoEndpoint = "string",
                    AuthenticationRequestExtraParams = 
                    {
                        { "string", "string" },
                    },
                    OnUnauthenticatedRequest = "string",
                    Scope = "string",
                    SessionCookieName = "string",
                    SessionTimeout = 0,
                },
                FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs
                {
                    ContentType = "string",
                    MessageBody = "string",
                    StatusCode = "string",
                },
                Forward = new Aws.LB.Inputs.ListenerDefaultActionForwardArgs
                {
                    TargetGroups = new()
                    {
                        new Aws.LB.Inputs.ListenerDefaultActionForwardTargetGroupArgs
                        {
                            Arn = "string",
                            Weight = 0,
                        },
                    },
                    Stickiness = new Aws.LB.Inputs.ListenerDefaultActionForwardStickinessArgs
                    {
                        Duration = 0,
                        Enabled = false,
                    },
                },
                Order = 0,
                Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs
                {
                    StatusCode = "string",
                    Host = "string",
                    Path = "string",
                    Port = "string",
                    Protocol = "string",
                    Query = "string",
                },
                TargetGroupArn = "string",
            },
        },
        MutualAuthentication = new Aws.LB.Inputs.ListenerMutualAuthenticationArgs
        {
            Mode = "string",
            AdvertiseTrustStoreCaNames = "string",
            IgnoreClientCertificateExpiry = false,
            TrustStoreArn = "string",
        },
        Port = 0,
        Protocol = "string",
        SslPolicy = "string",
        Tags = 
        {
            { "string", "string" },
        },
        TcpIdleTimeoutSeconds = 0,
    },
    Listeners = new()
    {
        new Awsx.Lb.Inputs.ListenerArgs
        {
            AlpnPolicy = "string",
            CertificateArn = "string",
            DefaultActions = new()
            {
                new Aws.LB.Inputs.ListenerDefaultActionArgs
                {
                    Type = "string",
                    AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs
                    {
                        UserPoolArn = "string",
                        UserPoolClientId = "string",
                        UserPoolDomain = "string",
                        AuthenticationRequestExtraParams = 
                        {
                            { "string", "string" },
                        },
                        OnUnauthenticatedRequest = "string",
                        Scope = "string",
                        SessionCookieName = "string",
                        SessionTimeout = 0,
                    },
                    AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs
                    {
                        AuthorizationEndpoint = "string",
                        ClientId = "string",
                        ClientSecret = "string",
                        Issuer = "string",
                        TokenEndpoint = "string",
                        UserInfoEndpoint = "string",
                        AuthenticationRequestExtraParams = 
                        {
                            { "string", "string" },
                        },
                        OnUnauthenticatedRequest = "string",
                        Scope = "string",
                        SessionCookieName = "string",
                        SessionTimeout = 0,
                    },
                    FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs
                    {
                        ContentType = "string",
                        MessageBody = "string",
                        StatusCode = "string",
                    },
                    Forward = new Aws.LB.Inputs.ListenerDefaultActionForwardArgs
                    {
                        TargetGroups = new()
                        {
                            new Aws.LB.Inputs.ListenerDefaultActionForwardTargetGroupArgs
                            {
                                Arn = "string",
                                Weight = 0,
                            },
                        },
                        Stickiness = new Aws.LB.Inputs.ListenerDefaultActionForwardStickinessArgs
                        {
                            Duration = 0,
                            Enabled = false,
                        },
                    },
                    Order = 0,
                    Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs
                    {
                        StatusCode = "string",
                        Host = "string",
                        Path = "string",
                        Port = "string",
                        Protocol = "string",
                        Query = "string",
                    },
                    TargetGroupArn = "string",
                },
            },
            MutualAuthentication = new Aws.LB.Inputs.ListenerMutualAuthenticationArgs
            {
                Mode = "string",
                AdvertiseTrustStoreCaNames = "string",
                IgnoreClientCertificateExpiry = false,
                TrustStoreArn = "string",
            },
            Port = 0,
            Protocol = "string",
            SslPolicy = "string",
            Tags = 
            {
                { "string", "string" },
            },
            TcpIdleTimeoutSeconds = 0,
        },
    },
    Name = "string",
    NamePrefix = "string",
    PreserveHostHeader = false,
    SecurityGroups = new[]
    {
        "string",
    },
    SubnetIds = new[]
    {
        "string",
    },
    SubnetMappings = new[]
    {
        new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs
        {
            SubnetId = "string",
            AllocationId = "string",
            Ipv6Address = "string",
            OutpostId = "string",
            PrivateIpv4Address = "string",
        },
    },
    Subnets = new[]
    {
        subnet,
    },
    Tags = 
    {
        { "string", "string" },
    },
    XffHeaderProcessingMode = "string",
});
example, err := lb.NewApplicationLoadBalancer(ctx, "applicationLoadBalancerResource", &lb.ApplicationLoadBalancerArgs{
	AccessLogs: &lb.LoadBalancerAccessLogsArgs{
		Bucket:  pulumi.String("string"),
		Enabled: pulumi.Bool(false),
		Prefix:  pulumi.String("string"),
	},
	ClientKeepAlive: pulumi.Int(0),
	ConnectionLogs: &lb.LoadBalancerConnectionLogsArgs{
		Bucket:  pulumi.String("string"),
		Enabled: pulumi.Bool(false),
		Prefix:  pulumi.String("string"),
	},
	CustomerOwnedIpv4Pool: pulumi.String("string"),
	DefaultSecurityGroup: &awsx.DefaultSecurityGroupArgs{
		Args: &awsx.SecurityGroupArgs{
			Description: pulumi.String("string"),
			Egress: ec2.SecurityGroupEgressArray{
				&ec2.SecurityGroupEgressArgs{
					FromPort: pulumi.Int(0),
					Protocol: pulumi.String("string"),
					ToPort:   pulumi.Int(0),
					CidrBlocks: pulumi.StringArray{
						pulumi.String("string"),
					},
					Description: pulumi.String("string"),
					Ipv6CidrBlocks: pulumi.StringArray{
						pulumi.String("string"),
					},
					PrefixListIds: pulumi.StringArray{
						pulumi.String("string"),
					},
					SecurityGroups: pulumi.StringArray{
						pulumi.String("string"),
					},
					Self: pulumi.Bool(false),
				},
			},
			Ingress: ec2.SecurityGroupIngressArray{
				&ec2.SecurityGroupIngressArgs{
					FromPort: pulumi.Int(0),
					Protocol: pulumi.String("string"),
					ToPort:   pulumi.Int(0),
					CidrBlocks: pulumi.StringArray{
						pulumi.String("string"),
					},
					Description: pulumi.String("string"),
					Ipv6CidrBlocks: pulumi.StringArray{
						pulumi.String("string"),
					},
					PrefixListIds: pulumi.StringArray{
						pulumi.String("string"),
					},
					SecurityGroups: pulumi.StringArray{
						pulumi.String("string"),
					},
					Self: pulumi.Bool(false),
				},
			},
			Name:                pulumi.String("string"),
			NamePrefix:          pulumi.String("string"),
			RevokeRulesOnDelete: pulumi.Bool(false),
			Tags: pulumi.StringMap{
				"string": pulumi.String("string"),
			},
			VpcId: pulumi.String("string"),
		},
		SecurityGroupId: pulumi.String("string"),
		Skip:            false,
	},
	DefaultTargetGroup: &lb.TargetGroupArgs{
		ConnectionTermination: pulumi.Bool(false),
		DeregistrationDelay:   pulumi.Int(0),
		HealthCheck: &lb.TargetGroupHealthCheckArgs{
			Enabled:            pulumi.Bool(false),
			HealthyThreshold:   pulumi.Int(0),
			Interval:           pulumi.Int(0),
			Matcher:            pulumi.String("string"),
			Path:               pulumi.String("string"),
			Port:               pulumi.String("string"),
			Protocol:           pulumi.String("string"),
			Timeout:            pulumi.Int(0),
			UnhealthyThreshold: pulumi.Int(0),
		},
		IpAddressType:                  pulumi.String("string"),
		LambdaMultiValueHeadersEnabled: pulumi.Bool(false),
		LoadBalancingAlgorithmType:     pulumi.String("string"),
		LoadBalancingAnomalyMitigation: pulumi.String("string"),
		LoadBalancingCrossZoneEnabled:  pulumi.String("string"),
		Name:                           pulumi.String("string"),
		NamePrefix:                     pulumi.String("string"),
		Port:                           pulumi.Int(0),
		PreserveClientIp:               pulumi.String("string"),
		Protocol:                       pulumi.String("string"),
		ProtocolVersion:                pulumi.String("string"),
		ProxyProtocolV2:                pulumi.Bool(false),
		SlowStart:                      pulumi.Int(0),
		Stickiness: &lb.TargetGroupStickinessArgs{
			Type:           pulumi.String("string"),
			CookieDuration: pulumi.Int(0),
			CookieName:     pulumi.String("string"),
			Enabled:        pulumi.Bool(false),
		},
		Tags: pulumi.StringMap{
			"string": pulumi.String("string"),
		},
		TargetFailovers: lb.TargetGroupTargetFailoverArray{
			&lb.TargetGroupTargetFailoverArgs{
				OnDeregistration: pulumi.String("string"),
				OnUnhealthy:      pulumi.String("string"),
			},
		},
		TargetGroupHealth: &lb.TargetGroupTargetGroupHealthArgs{
			DnsFailover: &lb.TargetGroupTargetGroupHealthDnsFailoverArgs{
				MinimumHealthyTargetsCount:      pulumi.String("string"),
				MinimumHealthyTargetsPercentage: pulumi.String("string"),
			},
			UnhealthyStateRouting: &lb.TargetGroupTargetGroupHealthUnhealthyStateRoutingArgs{
				MinimumHealthyTargetsCount:      pulumi.Int(0),
				MinimumHealthyTargetsPercentage: pulumi.String("string"),
			},
		},
		TargetHealthStates: lb.TargetGroupTargetHealthStateArray{
			&lb.TargetGroupTargetHealthStateArgs{
				EnableUnhealthyConnectionTermination: pulumi.Bool(false),
				UnhealthyDrainingInterval:            pulumi.Int(0),
			},
		},
		TargetType: pulumi.String("string"),
		VpcId:      pulumi.String("string"),
	},
	DefaultTargetGroupPort:                pulumi.Int(0),
	DesyncMitigationMode:                  pulumi.String("string"),
	DnsRecordClientRoutingPolicy:          pulumi.String("string"),
	DropInvalidHeaderFields:               pulumi.Bool(false),
	EnableDeletionProtection:              pulumi.Bool(false),
	EnableHttp2:                           pulumi.Bool(false),
	EnableTlsVersionAndCipherSuiteHeaders: pulumi.Bool(false),
	EnableWafFailOpen:                     pulumi.Bool(false),
	EnableXffClientPort:                   pulumi.Bool(false),
	EnableZonalShift:                      pulumi.Bool(false),
	EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic: pulumi.String("string"),
	IdleTimeout:   pulumi.Int(0),
	Internal:      pulumi.Bool(false),
	IpAddressType: pulumi.String("string"),
	Listener: &lb.ListenerArgs{
		AlpnPolicy:     pulumi.String("string"),
		CertificateArn: pulumi.String("string"),
		DefaultActions: lb.ListenerDefaultActionArray{
			&lb.ListenerDefaultActionArgs{
				Type: pulumi.String("string"),
				AuthenticateCognito: &lb.ListenerDefaultActionAuthenticateCognitoArgs{
					UserPoolArn:      pulumi.String("string"),
					UserPoolClientId: pulumi.String("string"),
					UserPoolDomain:   pulumi.String("string"),
					AuthenticationRequestExtraParams: pulumi.StringMap{
						"string": pulumi.String("string"),
					},
					OnUnauthenticatedRequest: pulumi.String("string"),
					Scope:                    pulumi.String("string"),
					SessionCookieName:        pulumi.String("string"),
					SessionTimeout:           pulumi.Int(0),
				},
				AuthenticateOidc: &lb.ListenerDefaultActionAuthenticateOidcArgs{
					AuthorizationEndpoint: pulumi.String("string"),
					ClientId:              pulumi.String("string"),
					ClientSecret:          pulumi.String("string"),
					Issuer:                pulumi.String("string"),
					TokenEndpoint:         pulumi.String("string"),
					UserInfoEndpoint:      pulumi.String("string"),
					AuthenticationRequestExtraParams: pulumi.StringMap{
						"string": pulumi.String("string"),
					},
					OnUnauthenticatedRequest: pulumi.String("string"),
					Scope:                    pulumi.String("string"),
					SessionCookieName:        pulumi.String("string"),
					SessionTimeout:           pulumi.Int(0),
				},
				FixedResponse: &lb.ListenerDefaultActionFixedResponseArgs{
					ContentType: pulumi.String("string"),
					MessageBody: pulumi.String("string"),
					StatusCode:  pulumi.String("string"),
				},
				Forward: &lb.ListenerDefaultActionForwardArgs{
					TargetGroups: lb.ListenerDefaultActionForwardTargetGroupArray{
						&lb.ListenerDefaultActionForwardTargetGroupArgs{
							Arn:    pulumi.String("string"),
							Weight: pulumi.Int(0),
						},
					},
					Stickiness: &lb.ListenerDefaultActionForwardStickinessArgs{
						Duration: pulumi.Int(0),
						Enabled:  pulumi.Bool(false),
					},
				},
				Order: pulumi.Int(0),
				Redirect: &lb.ListenerDefaultActionRedirectArgs{
					StatusCode: pulumi.String("string"),
					Host:       pulumi.String("string"),
					Path:       pulumi.String("string"),
					Port:       pulumi.String("string"),
					Protocol:   pulumi.String("string"),
					Query:      pulumi.String("string"),
				},
				TargetGroupArn: pulumi.String("string"),
			},
		},
		MutualAuthentication: &lb.ListenerMutualAuthenticationArgs{
			Mode:                          pulumi.String("string"),
			AdvertiseTrustStoreCaNames:    pulumi.String("string"),
			IgnoreClientCertificateExpiry: pulumi.Bool(false),
			TrustStoreArn:                 pulumi.String("string"),
		},
		Port:      pulumi.Int(0),
		Protocol:  pulumi.String("string"),
		SslPolicy: pulumi.String("string"),
		Tags: pulumi.StringMap{
			"string": pulumi.String("string"),
		},
		TcpIdleTimeoutSeconds: pulumi.Int(0),
	},
	Listeners: []lb.ListenerArgs{
		{
			AlpnPolicy:     pulumi.String("string"),
			CertificateArn: pulumi.String("string"),
			DefaultActions: lb.ListenerDefaultActionArray{
				{
					Type: pulumi.String("string"),
					AuthenticateCognito: {
						UserPoolArn:      pulumi.String("string"),
						UserPoolClientId: pulumi.String("string"),
						UserPoolDomain:   pulumi.String("string"),
						AuthenticationRequestExtraParams: {
							"string": pulumi.String("string"),
						},
						OnUnauthenticatedRequest: pulumi.String("string"),
						Scope:                    pulumi.String("string"),
						SessionCookieName:        pulumi.String("string"),
						SessionTimeout:           pulumi.Int(0),
					},
					AuthenticateOidc: {
						AuthorizationEndpoint: pulumi.String("string"),
						ClientId:              pulumi.String("string"),
						ClientSecret:          pulumi.String("string"),
						Issuer:                pulumi.String("string"),
						TokenEndpoint:         pulumi.String("string"),
						UserInfoEndpoint:      pulumi.String("string"),
						AuthenticationRequestExtraParams: {
							"string": pulumi.String("string"),
						},
						OnUnauthenticatedRequest: pulumi.String("string"),
						Scope:                    pulumi.String("string"),
						SessionCookieName:        pulumi.String("string"),
						SessionTimeout:           pulumi.Int(0),
					},
					FixedResponse: {
						ContentType: pulumi.String("string"),
						MessageBody: pulumi.String("string"),
						StatusCode:  pulumi.String("string"),
					},
					Forward: {
						TargetGroups: lb.ListenerDefaultActionForwardTargetGroupArray{
							{
								Arn:    pulumi.String("string"),
								Weight: pulumi.Int(0),
							},
						},
						Stickiness: {
							Duration: pulumi.Int(0),
							Enabled:  pulumi.Bool(false),
						},
					},
					Order: pulumi.Int(0),
					Redirect: {
						StatusCode: pulumi.String("string"),
						Host:       pulumi.String("string"),
						Path:       pulumi.String("string"),
						Port:       pulumi.String("string"),
						Protocol:   pulumi.String("string"),
						Query:      pulumi.String("string"),
					},
					TargetGroupArn: pulumi.String("string"),
				},
			},
			MutualAuthentication: {
				Mode:                          pulumi.String("string"),
				AdvertiseTrustStoreCaNames:    pulumi.String("string"),
				IgnoreClientCertificateExpiry: pulumi.Bool(false),
				TrustStoreArn:                 pulumi.String("string"),
			},
			Port:      pulumi.Int(0),
			Protocol:  pulumi.String("string"),
			SslPolicy: pulumi.String("string"),
			Tags: {
				"string": pulumi.String("string"),
			},
			TcpIdleTimeoutSeconds: pulumi.Int(0),
		},
	},
	Name:               pulumi.String("string"),
	NamePrefix:         pulumi.String("string"),
	PreserveHostHeader: pulumi.Bool(false),
	SecurityGroups: pulumi.StringArray{
		pulumi.String("string"),
	},
	SubnetIds: pulumi.StringArray{
		pulumi.String("string"),
	},
	SubnetMappings: lb.LoadBalancerSubnetMappingArray{
		&lb.LoadBalancerSubnetMappingArgs{
			SubnetId:           pulumi.String("string"),
			AllocationId:       pulumi.String("string"),
			Ipv6Address:        pulumi.String("string"),
			OutpostId:          pulumi.String("string"),
			PrivateIpv4Address: pulumi.String("string"),
		},
	},
	Subnets: ec2.SubnetArray{
		subnet,
	},
	Tags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	XffHeaderProcessingMode: pulumi.String("string"),
})
var applicationLoadBalancerResource = new ApplicationLoadBalancer("applicationLoadBalancerResource", ApplicationLoadBalancerArgs.builder()
    .accessLogs(LoadBalancerAccessLogsArgs.builder()
        .bucket("string")
        .enabled(false)
        .prefix("string")
        .build())
    .clientKeepAlive(0)
    .connectionLogs(LoadBalancerConnectionLogsArgs.builder()
        .bucket("string")
        .enabled(false)
        .prefix("string")
        .build())
    .customerOwnedIpv4Pool("string")
    .defaultSecurityGroup(DefaultSecurityGroupArgs.builder()
        .args(SecurityGroupArgs.builder()
            .description("string")
            .egress(SecurityGroupEgressArgs.builder()
                .fromPort(0)
                .protocol("string")
                .toPort(0)
                .cidrBlocks("string")
                .description("string")
                .ipv6CidrBlocks("string")
                .prefixListIds("string")
                .securityGroups("string")
                .self(false)
                .build())
            .ingress(SecurityGroupIngressArgs.builder()
                .fromPort(0)
                .protocol("string")
                .toPort(0)
                .cidrBlocks("string")
                .description("string")
                .ipv6CidrBlocks("string")
                .prefixListIds("string")
                .securityGroups("string")
                .self(false)
                .build())
            .name("string")
            .namePrefix("string")
            .revokeRulesOnDelete(false)
            .tags(Map.of("string", "string"))
            .vpcId("string")
            .build())
        .securityGroupId("string")
        .skip(false)
        .build())
    .defaultTargetGroup(TargetGroupArgs.builder()
        .connectionTermination(false)
        .deregistrationDelay(0)
        .healthCheck(TargetGroupHealthCheckArgs.builder()
            .enabled(false)
            .healthyThreshold(0)
            .interval(0)
            .matcher("string")
            .path("string")
            .port("string")
            .protocol("string")
            .timeout(0)
            .unhealthyThreshold(0)
            .build())
        .ipAddressType("string")
        .lambdaMultiValueHeadersEnabled(false)
        .loadBalancingAlgorithmType("string")
        .loadBalancingAnomalyMitigation("string")
        .loadBalancingCrossZoneEnabled("string")
        .name("string")
        .namePrefix("string")
        .port(0)
        .preserveClientIp("string")
        .protocol("string")
        .protocolVersion("string")
        .proxyProtocolV2(false)
        .slowStart(0)
        .stickiness(TargetGroupStickinessArgs.builder()
            .type("string")
            .cookieDuration(0)
            .cookieName("string")
            .enabled(false)
            .build())
        .tags(Map.of("string", "string"))
        .targetFailovers(TargetGroupTargetFailoverArgs.builder()
            .onDeregistration("string")
            .onUnhealthy("string")
            .build())
        .targetGroupHealth(TargetGroupTargetGroupHealthArgs.builder()
            .dnsFailover(TargetGroupTargetGroupHealthDnsFailoverArgs.builder()
                .minimumHealthyTargetsCount("string")
                .minimumHealthyTargetsPercentage("string")
                .build())
            .unhealthyStateRouting(TargetGroupTargetGroupHealthUnhealthyStateRoutingArgs.builder()
                .minimumHealthyTargetsCount(0)
                .minimumHealthyTargetsPercentage("string")
                .build())
            .build())
        .targetHealthStates(TargetGroupTargetHealthStateArgs.builder()
            .enableUnhealthyConnectionTermination(false)
            .unhealthyDrainingInterval(0)
            .build())
        .targetType("string")
        .vpcId("string")
        .build())
    .defaultTargetGroupPort(0)
    .desyncMitigationMode("string")
    .dnsRecordClientRoutingPolicy("string")
    .dropInvalidHeaderFields(false)
    .enableDeletionProtection(false)
    .enableHttp2(false)
    .enableTlsVersionAndCipherSuiteHeaders(false)
    .enableWafFailOpen(false)
    .enableXffClientPort(false)
    .enableZonalShift(false)
    .enforceSecurityGroupInboundRulesOnPrivateLinkTraffic("string")
    .idleTimeout(0)
    .internal(false)
    .ipAddressType("string")
    .listener(ListenerArgs.builder()
        .alpnPolicy("string")
        .certificateArn("string")
        .defaultActions(ListenerDefaultActionArgs.builder()
            .type("string")
            .authenticateCognito(ListenerDefaultActionAuthenticateCognitoArgs.builder()
                .userPoolArn("string")
                .userPoolClientId("string")
                .userPoolDomain("string")
                .authenticationRequestExtraParams(Map.of("string", "string"))
                .onUnauthenticatedRequest("string")
                .scope("string")
                .sessionCookieName("string")
                .sessionTimeout(0)
                .build())
            .authenticateOidc(ListenerDefaultActionAuthenticateOidcArgs.builder()
                .authorizationEndpoint("string")
                .clientId("string")
                .clientSecret("string")
                .issuer("string")
                .tokenEndpoint("string")
                .userInfoEndpoint("string")
                .authenticationRequestExtraParams(Map.of("string", "string"))
                .onUnauthenticatedRequest("string")
                .scope("string")
                .sessionCookieName("string")
                .sessionTimeout(0)
                .build())
            .fixedResponse(ListenerDefaultActionFixedResponseArgs.builder()
                .contentType("string")
                .messageBody("string")
                .statusCode("string")
                .build())
            .forward(ListenerDefaultActionForwardArgs.builder()
                .targetGroups(ListenerDefaultActionForwardTargetGroupArgs.builder()
                    .arn("string")
                    .weight(0)
                    .build())
                .stickiness(ListenerDefaultActionForwardStickinessArgs.builder()
                    .duration(0)
                    .enabled(false)
                    .build())
                .build())
            .order(0)
            .redirect(ListenerDefaultActionRedirectArgs.builder()
                .statusCode("string")
                .host("string")
                .path("string")
                .port("string")
                .protocol("string")
                .query("string")
                .build())
            .targetGroupArn("string")
            .build())
        .mutualAuthentication(ListenerMutualAuthenticationArgs.builder()
            .mode("string")
            .advertiseTrustStoreCaNames("string")
            .ignoreClientCertificateExpiry(false)
            .trustStoreArn("string")
            .build())
        .port(0)
        .protocol("string")
        .sslPolicy("string")
        .tags(Map.of("string", "string"))
        .tcpIdleTimeoutSeconds(0)
        .build())
    .listeners(ListenerArgs.builder()
        .alpnPolicy("string")
        .certificateArn("string")
        .defaultActions(ListenerDefaultActionArgs.builder()
            .type("string")
            .authenticateCognito(ListenerDefaultActionAuthenticateCognitoArgs.builder()
                .userPoolArn("string")
                .userPoolClientId("string")
                .userPoolDomain("string")
                .authenticationRequestExtraParams(Map.of("string", "string"))
                .onUnauthenticatedRequest("string")
                .scope("string")
                .sessionCookieName("string")
                .sessionTimeout(0)
                .build())
            .authenticateOidc(ListenerDefaultActionAuthenticateOidcArgs.builder()
                .authorizationEndpoint("string")
                .clientId("string")
                .clientSecret("string")
                .issuer("string")
                .tokenEndpoint("string")
                .userInfoEndpoint("string")
                .authenticationRequestExtraParams(Map.of("string", "string"))
                .onUnauthenticatedRequest("string")
                .scope("string")
                .sessionCookieName("string")
                .sessionTimeout(0)
                .build())
            .fixedResponse(ListenerDefaultActionFixedResponseArgs.builder()
                .contentType("string")
                .messageBody("string")
                .statusCode("string")
                .build())
            .forward(ListenerDefaultActionForwardArgs.builder()
                .targetGroups(ListenerDefaultActionForwardTargetGroupArgs.builder()
                    .arn("string")
                    .weight(0)
                    .build())
                .stickiness(ListenerDefaultActionForwardStickinessArgs.builder()
                    .duration(0)
                    .enabled(false)
                    .build())
                .build())
            .order(0)
            .redirect(ListenerDefaultActionRedirectArgs.builder()
                .statusCode("string")
                .host("string")
                .path("string")
                .port("string")
                .protocol("string")
                .query("string")
                .build())
            .targetGroupArn("string")
            .build())
        .mutualAuthentication(ListenerMutualAuthenticationArgs.builder()
            .mode("string")
            .advertiseTrustStoreCaNames("string")
            .ignoreClientCertificateExpiry(false)
            .trustStoreArn("string")
            .build())
        .port(0)
        .protocol("string")
        .sslPolicy("string")
        .tags(Map.of("string", "string"))
        .tcpIdleTimeoutSeconds(0)
        .build())
    .name("string")
    .namePrefix("string")
    .preserveHostHeader(false)
    .securityGroups("string")
    .subnetIds("string")
    .subnetMappings(LoadBalancerSubnetMappingArgs.builder()
        .subnetId("string")
        .allocationId("string")
        .ipv6Address("string")
        .outpostId("string")
        .privateIpv4Address("string")
        .build())
    .subnets(subnet)
    .tags(Map.of("string", "string"))
    .xffHeaderProcessingMode("string")
    .build());
application_load_balancer_resource = awsx.lb.ApplicationLoadBalancer("applicationLoadBalancerResource",
    access_logs={
        "bucket": "string",
        "enabled": False,
        "prefix": "string",
    },
    client_keep_alive=0,
    connection_logs={
        "bucket": "string",
        "enabled": False,
        "prefix": "string",
    },
    customer_owned_ipv4_pool="string",
    default_security_group={
        "args": {
            "description": "string",
            "egress": [{
                "from_port": 0,
                "protocol": "string",
                "to_port": 0,
                "cidr_blocks": ["string"],
                "description": "string",
                "ipv6_cidr_blocks": ["string"],
                "prefix_list_ids": ["string"],
                "security_groups": ["string"],
                "self": False,
            }],
            "ingress": [{
                "from_port": 0,
                "protocol": "string",
                "to_port": 0,
                "cidr_blocks": ["string"],
                "description": "string",
                "ipv6_cidr_blocks": ["string"],
                "prefix_list_ids": ["string"],
                "security_groups": ["string"],
                "self": False,
            }],
            "name": "string",
            "name_prefix": "string",
            "revoke_rules_on_delete": False,
            "tags": {
                "string": "string",
            },
            "vpc_id": "string",
        },
        "security_group_id": "string",
        "skip": False,
    },
    default_target_group={
        "connection_termination": False,
        "deregistration_delay": 0,
        "health_check": {
            "enabled": False,
            "healthy_threshold": 0,
            "interval": 0,
            "matcher": "string",
            "path": "string",
            "port": "string",
            "protocol": "string",
            "timeout": 0,
            "unhealthy_threshold": 0,
        },
        "ip_address_type": "string",
        "lambda_multi_value_headers_enabled": False,
        "load_balancing_algorithm_type": "string",
        "load_balancing_anomaly_mitigation": "string",
        "load_balancing_cross_zone_enabled": "string",
        "name": "string",
        "name_prefix": "string",
        "port": 0,
        "preserve_client_ip": "string",
        "protocol": "string",
        "protocol_version": "string",
        "proxy_protocol_v2": False,
        "slow_start": 0,
        "stickiness": {
            "type": "string",
            "cookie_duration": 0,
            "cookie_name": "string",
            "enabled": False,
        },
        "tags": {
            "string": "string",
        },
        "target_failovers": [{
            "on_deregistration": "string",
            "on_unhealthy": "string",
        }],
        "target_group_health": {
            "dns_failover": {
                "minimum_healthy_targets_count": "string",
                "minimum_healthy_targets_percentage": "string",
            },
            "unhealthy_state_routing": {
                "minimum_healthy_targets_count": 0,
                "minimum_healthy_targets_percentage": "string",
            },
        },
        "target_health_states": [{
            "enable_unhealthy_connection_termination": False,
            "unhealthy_draining_interval": 0,
        }],
        "target_type": "string",
        "vpc_id": "string",
    },
    default_target_group_port=0,
    desync_mitigation_mode="string",
    dns_record_client_routing_policy="string",
    drop_invalid_header_fields=False,
    enable_deletion_protection=False,
    enable_http2=False,
    enable_tls_version_and_cipher_suite_headers=False,
    enable_waf_fail_open=False,
    enable_xff_client_port=False,
    enable_zonal_shift=False,
    enforce_security_group_inbound_rules_on_private_link_traffic="string",
    idle_timeout=0,
    internal=False,
    ip_address_type="string",
    listener={
        "alpn_policy": "string",
        "certificate_arn": "string",
        "default_actions": [{
            "type": "string",
            "authenticate_cognito": {
                "user_pool_arn": "string",
                "user_pool_client_id": "string",
                "user_pool_domain": "string",
                "authentication_request_extra_params": {
                    "string": "string",
                },
                "on_unauthenticated_request": "string",
                "scope": "string",
                "session_cookie_name": "string",
                "session_timeout": 0,
            },
            "authenticate_oidc": {
                "authorization_endpoint": "string",
                "client_id": "string",
                "client_secret": "string",
                "issuer": "string",
                "token_endpoint": "string",
                "user_info_endpoint": "string",
                "authentication_request_extra_params": {
                    "string": "string",
                },
                "on_unauthenticated_request": "string",
                "scope": "string",
                "session_cookie_name": "string",
                "session_timeout": 0,
            },
            "fixed_response": {
                "content_type": "string",
                "message_body": "string",
                "status_code": "string",
            },
            "forward": {
                "target_groups": [{
                    "arn": "string",
                    "weight": 0,
                }],
                "stickiness": {
                    "duration": 0,
                    "enabled": False,
                },
            },
            "order": 0,
            "redirect": {
                "status_code": "string",
                "host": "string",
                "path": "string",
                "port": "string",
                "protocol": "string",
                "query": "string",
            },
            "target_group_arn": "string",
        }],
        "mutual_authentication": {
            "mode": "string",
            "advertise_trust_store_ca_names": "string",
            "ignore_client_certificate_expiry": False,
            "trust_store_arn": "string",
        },
        "port": 0,
        "protocol": "string",
        "ssl_policy": "string",
        "tags": {
            "string": "string",
        },
        "tcp_idle_timeout_seconds": 0,
    },
    listeners=[{
        "alpn_policy": "string",
        "certificate_arn": "string",
        "default_actions": [{
            "type": "string",
            "authenticate_cognito": {
                "user_pool_arn": "string",
                "user_pool_client_id": "string",
                "user_pool_domain": "string",
                "authentication_request_extra_params": {
                    "string": "string",
                },
                "on_unauthenticated_request": "string",
                "scope": "string",
                "session_cookie_name": "string",
                "session_timeout": 0,
            },
            "authenticate_oidc": {
                "authorization_endpoint": "string",
                "client_id": "string",
                "client_secret": "string",
                "issuer": "string",
                "token_endpoint": "string",
                "user_info_endpoint": "string",
                "authentication_request_extra_params": {
                    "string": "string",
                },
                "on_unauthenticated_request": "string",
                "scope": "string",
                "session_cookie_name": "string",
                "session_timeout": 0,
            },
            "fixed_response": {
                "content_type": "string",
                "message_body": "string",
                "status_code": "string",
            },
            "forward": {
                "target_groups": [{
                    "arn": "string",
                    "weight": 0,
                }],
                "stickiness": {
                    "duration": 0,
                    "enabled": False,
                },
            },
            "order": 0,
            "redirect": {
                "status_code": "string",
                "host": "string",
                "path": "string",
                "port": "string",
                "protocol": "string",
                "query": "string",
            },
            "target_group_arn": "string",
        }],
        "mutual_authentication": {
            "mode": "string",
            "advertise_trust_store_ca_names": "string",
            "ignore_client_certificate_expiry": False,
            "trust_store_arn": "string",
        },
        "port": 0,
        "protocol": "string",
        "ssl_policy": "string",
        "tags": {
            "string": "string",
        },
        "tcp_idle_timeout_seconds": 0,
    }],
    name="string",
    name_prefix="string",
    preserve_host_header=False,
    security_groups=["string"],
    subnet_ids=["string"],
    subnet_mappings=[{
        "subnet_id": "string",
        "allocation_id": "string",
        "ipv6_address": "string",
        "outpost_id": "string",
        "private_ipv4_address": "string",
    }],
    subnets=[subnet],
    tags={
        "string": "string",
    },
    xff_header_processing_mode="string")
const applicationLoadBalancerResource = new awsx.lb.ApplicationLoadBalancer("applicationLoadBalancerResource", {
    accessLogs: {
        bucket: "string",
        enabled: false,
        prefix: "string",
    },
    clientKeepAlive: 0,
    connectionLogs: {
        bucket: "string",
        enabled: false,
        prefix: "string",
    },
    customerOwnedIpv4Pool: "string",
    defaultSecurityGroup: {
        args: {
            description: "string",
            egress: [{
                fromPort: 0,
                protocol: "string",
                toPort: 0,
                cidrBlocks: ["string"],
                description: "string",
                ipv6CidrBlocks: ["string"],
                prefixListIds: ["string"],
                securityGroups: ["string"],
                self: false,
            }],
            ingress: [{
                fromPort: 0,
                protocol: "string",
                toPort: 0,
                cidrBlocks: ["string"],
                description: "string",
                ipv6CidrBlocks: ["string"],
                prefixListIds: ["string"],
                securityGroups: ["string"],
                self: false,
            }],
            name: "string",
            namePrefix: "string",
            revokeRulesOnDelete: false,
            tags: {
                string: "string",
            },
            vpcId: "string",
        },
        securityGroupId: "string",
        skip: false,
    },
    defaultTargetGroup: {
        connectionTermination: false,
        deregistrationDelay: 0,
        healthCheck: {
            enabled: false,
            healthyThreshold: 0,
            interval: 0,
            matcher: "string",
            path: "string",
            port: "string",
            protocol: "string",
            timeout: 0,
            unhealthyThreshold: 0,
        },
        ipAddressType: "string",
        lambdaMultiValueHeadersEnabled: false,
        loadBalancingAlgorithmType: "string",
        loadBalancingAnomalyMitigation: "string",
        loadBalancingCrossZoneEnabled: "string",
        name: "string",
        namePrefix: "string",
        port: 0,
        preserveClientIp: "string",
        protocol: "string",
        protocolVersion: "string",
        proxyProtocolV2: false,
        slowStart: 0,
        stickiness: {
            type: "string",
            cookieDuration: 0,
            cookieName: "string",
            enabled: false,
        },
        tags: {
            string: "string",
        },
        targetFailovers: [{
            onDeregistration: "string",
            onUnhealthy: "string",
        }],
        targetGroupHealth: {
            dnsFailover: {
                minimumHealthyTargetsCount: "string",
                minimumHealthyTargetsPercentage: "string",
            },
            unhealthyStateRouting: {
                minimumHealthyTargetsCount: 0,
                minimumHealthyTargetsPercentage: "string",
            },
        },
        targetHealthStates: [{
            enableUnhealthyConnectionTermination: false,
            unhealthyDrainingInterval: 0,
        }],
        targetType: "string",
        vpcId: "string",
    },
    defaultTargetGroupPort: 0,
    desyncMitigationMode: "string",
    dnsRecordClientRoutingPolicy: "string",
    dropInvalidHeaderFields: false,
    enableDeletionProtection: false,
    enableHttp2: false,
    enableTlsVersionAndCipherSuiteHeaders: false,
    enableWafFailOpen: false,
    enableXffClientPort: false,
    enableZonalShift: false,
    enforceSecurityGroupInboundRulesOnPrivateLinkTraffic: "string",
    idleTimeout: 0,
    internal: false,
    ipAddressType: "string",
    listener: {
        alpnPolicy: "string",
        certificateArn: "string",
        defaultActions: [{
            type: "string",
            authenticateCognito: {
                userPoolArn: "string",
                userPoolClientId: "string",
                userPoolDomain: "string",
                authenticationRequestExtraParams: {
                    string: "string",
                },
                onUnauthenticatedRequest: "string",
                scope: "string",
                sessionCookieName: "string",
                sessionTimeout: 0,
            },
            authenticateOidc: {
                authorizationEndpoint: "string",
                clientId: "string",
                clientSecret: "string",
                issuer: "string",
                tokenEndpoint: "string",
                userInfoEndpoint: "string",
                authenticationRequestExtraParams: {
                    string: "string",
                },
                onUnauthenticatedRequest: "string",
                scope: "string",
                sessionCookieName: "string",
                sessionTimeout: 0,
            },
            fixedResponse: {
                contentType: "string",
                messageBody: "string",
                statusCode: "string",
            },
            forward: {
                targetGroups: [{
                    arn: "string",
                    weight: 0,
                }],
                stickiness: {
                    duration: 0,
                    enabled: false,
                },
            },
            order: 0,
            redirect: {
                statusCode: "string",
                host: "string",
                path: "string",
                port: "string",
                protocol: "string",
                query: "string",
            },
            targetGroupArn: "string",
        }],
        mutualAuthentication: {
            mode: "string",
            advertiseTrustStoreCaNames: "string",
            ignoreClientCertificateExpiry: false,
            trustStoreArn: "string",
        },
        port: 0,
        protocol: "string",
        sslPolicy: "string",
        tags: {
            string: "string",
        },
        tcpIdleTimeoutSeconds: 0,
    },
    listeners: [{
        alpnPolicy: "string",
        certificateArn: "string",
        defaultActions: [{
            type: "string",
            authenticateCognito: {
                userPoolArn: "string",
                userPoolClientId: "string",
                userPoolDomain: "string",
                authenticationRequestExtraParams: {
                    string: "string",
                },
                onUnauthenticatedRequest: "string",
                scope: "string",
                sessionCookieName: "string",
                sessionTimeout: 0,
            },
            authenticateOidc: {
                authorizationEndpoint: "string",
                clientId: "string",
                clientSecret: "string",
                issuer: "string",
                tokenEndpoint: "string",
                userInfoEndpoint: "string",
                authenticationRequestExtraParams: {
                    string: "string",
                },
                onUnauthenticatedRequest: "string",
                scope: "string",
                sessionCookieName: "string",
                sessionTimeout: 0,
            },
            fixedResponse: {
                contentType: "string",
                messageBody: "string",
                statusCode: "string",
            },
            forward: {
                targetGroups: [{
                    arn: "string",
                    weight: 0,
                }],
                stickiness: {
                    duration: 0,
                    enabled: false,
                },
            },
            order: 0,
            redirect: {
                statusCode: "string",
                host: "string",
                path: "string",
                port: "string",
                protocol: "string",
                query: "string",
            },
            targetGroupArn: "string",
        }],
        mutualAuthentication: {
            mode: "string",
            advertiseTrustStoreCaNames: "string",
            ignoreClientCertificateExpiry: false,
            trustStoreArn: "string",
        },
        port: 0,
        protocol: "string",
        sslPolicy: "string",
        tags: {
            string: "string",
        },
        tcpIdleTimeoutSeconds: 0,
    }],
    name: "string",
    namePrefix: "string",
    preserveHostHeader: false,
    securityGroups: ["string"],
    subnetIds: ["string"],
    subnetMappings: [{
        subnetId: "string",
        allocationId: "string",
        ipv6Address: "string",
        outpostId: "string",
        privateIpv4Address: "string",
    }],
    subnets: [subnet],
    tags: {
        string: "string",
    },
    xffHeaderProcessingMode: "string",
});
type: awsx:lb:ApplicationLoadBalancer
properties:
    accessLogs:
        bucket: string
        enabled: false
        prefix: string
    clientKeepAlive: 0
    connectionLogs:
        bucket: string
        enabled: false
        prefix: string
    customerOwnedIpv4Pool: string
    defaultSecurityGroup:
        args:
            description: string
            egress:
                - cidrBlocks:
                    - string
                  description: string
                  fromPort: 0
                  ipv6CidrBlocks:
                    - string
                  prefixListIds:
                    - string
                  protocol: string
                  securityGroups:
                    - string
                  self: false
                  toPort: 0
            ingress:
                - cidrBlocks:
                    - string
                  description: string
                  fromPort: 0
                  ipv6CidrBlocks:
                    - string
                  prefixListIds:
                    - string
                  protocol: string
                  securityGroups:
                    - string
                  self: false
                  toPort: 0
            name: string
            namePrefix: string
            revokeRulesOnDelete: false
            tags:
                string: string
            vpcId: string
        securityGroupId: string
        skip: false
    defaultTargetGroup:
        connectionTermination: false
        deregistrationDelay: 0
        healthCheck:
            enabled: false
            healthyThreshold: 0
            interval: 0
            matcher: string
            path: string
            port: string
            protocol: string
            timeout: 0
            unhealthyThreshold: 0
        ipAddressType: string
        lambdaMultiValueHeadersEnabled: false
        loadBalancingAlgorithmType: string
        loadBalancingAnomalyMitigation: string
        loadBalancingCrossZoneEnabled: string
        name: string
        namePrefix: string
        port: 0
        preserveClientIp: string
        protocol: string
        protocolVersion: string
        proxyProtocolV2: false
        slowStart: 0
        stickiness:
            cookieDuration: 0
            cookieName: string
            enabled: false
            type: string
        tags:
            string: string
        targetFailovers:
            - onDeregistration: string
              onUnhealthy: string
        targetGroupHealth:
            dnsFailover:
                minimumHealthyTargetsCount: string
                minimumHealthyTargetsPercentage: string
            unhealthyStateRouting:
                minimumHealthyTargetsCount: 0
                minimumHealthyTargetsPercentage: string
        targetHealthStates:
            - enableUnhealthyConnectionTermination: false
              unhealthyDrainingInterval: 0
        targetType: string
        vpcId: string
    defaultTargetGroupPort: 0
    desyncMitigationMode: string
    dnsRecordClientRoutingPolicy: string
    dropInvalidHeaderFields: false
    enableDeletionProtection: false
    enableHttp2: false
    enableTlsVersionAndCipherSuiteHeaders: false
    enableWafFailOpen: false
    enableXffClientPort: false
    enableZonalShift: false
    enforceSecurityGroupInboundRulesOnPrivateLinkTraffic: string
    idleTimeout: 0
    internal: false
    ipAddressType: string
    listener:
        alpnPolicy: string
        certificateArn: string
        defaultActions:
            - authenticateCognito:
                authenticationRequestExtraParams:
                    string: string
                onUnauthenticatedRequest: string
                scope: string
                sessionCookieName: string
                sessionTimeout: 0
                userPoolArn: string
                userPoolClientId: string
                userPoolDomain: string
              authenticateOidc:
                authenticationRequestExtraParams:
                    string: string
                authorizationEndpoint: string
                clientId: string
                clientSecret: string
                issuer: string
                onUnauthenticatedRequest: string
                scope: string
                sessionCookieName: string
                sessionTimeout: 0
                tokenEndpoint: string
                userInfoEndpoint: string
              fixedResponse:
                contentType: string
                messageBody: string
                statusCode: string
              forward:
                stickiness:
                    duration: 0
                    enabled: false
                targetGroups:
                    - arn: string
                      weight: 0
              order: 0
              redirect:
                host: string
                path: string
                port: string
                protocol: string
                query: string
                statusCode: string
              targetGroupArn: string
              type: string
        mutualAuthentication:
            advertiseTrustStoreCaNames: string
            ignoreClientCertificateExpiry: false
            mode: string
            trustStoreArn: string
        port: 0
        protocol: string
        sslPolicy: string
        tags:
            string: string
        tcpIdleTimeoutSeconds: 0
    listeners:
        - alpnPolicy: string
          certificateArn: string
          defaultActions:
            - authenticateCognito:
                authenticationRequestExtraParams:
                    string: string
                onUnauthenticatedRequest: string
                scope: string
                sessionCookieName: string
                sessionTimeout: 0
                userPoolArn: string
                userPoolClientId: string
                userPoolDomain: string
              authenticateOidc:
                authenticationRequestExtraParams:
                    string: string
                authorizationEndpoint: string
                clientId: string
                clientSecret: string
                issuer: string
                onUnauthenticatedRequest: string
                scope: string
                sessionCookieName: string
                sessionTimeout: 0
                tokenEndpoint: string
                userInfoEndpoint: string
              fixedResponse:
                contentType: string
                messageBody: string
                statusCode: string
              forward:
                stickiness:
                    duration: 0
                    enabled: false
                targetGroups:
                    - arn: string
                      weight: 0
              order: 0
              redirect:
                host: string
                path: string
                port: string
                protocol: string
                query: string
                statusCode: string
              targetGroupArn: string
              type: string
          mutualAuthentication:
            advertiseTrustStoreCaNames: string
            ignoreClientCertificateExpiry: false
            mode: string
            trustStoreArn: string
          port: 0
          protocol: string
          sslPolicy: string
          tags:
            string: string
          tcpIdleTimeoutSeconds: 0
    name: string
    namePrefix: string
    preserveHostHeader: false
    securityGroups:
        - string
    subnetIds:
        - string
    subnetMappings:
        - allocationId: string
          ipv6Address: string
          outpostId: string
          privateIpv4Address: string
          subnetId: string
    subnets:
        - ${subnet}
    tags:
        string: string
    xffHeaderProcessingMode: string
ApplicationLoadBalancer Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ApplicationLoadBalancer resource accepts the following input properties:
- AccessLogs Pulumi.Aws. LB. Inputs. Load Balancer Access Logs 
- Access Logs block. See below. - This type is defined in the AWS Classic package. 
- ClientKeep intAlive 
- Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- ConnectionLogs Pulumi.Aws. LB. Inputs. Load Balancer Connection Logs 
- Connection Logs block. See below. Only valid for Load Balancers of type - application.- This type is defined in the AWS Classic package. 
- CustomerOwned stringIpv4Pool 
- ID of the customer owned ipv4 pool to use for this load balancer.
- DefaultSecurity Pulumi.Group Awsx. Awsx. Inputs. Default Security Group 
- Options for creating a default security group if [securityGroups] not specified.
- DefaultTarget TargetGroup Group 
- Options creating a default target group.
- DefaultTarget intGroup Port 
- Port to use to connect with the target. Valid values are ports 1-65535. Defaults to 80.
- DesyncMitigation stringMode 
- How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are monitor,defensive(default),strictest.
- DnsRecord stringClient Routing Policy 
- How traffic is distributed among the load balancer Availability Zones. Possible values are any_availability_zone(default),availability_zone_affinity, orpartial_availability_zone_affinity. See Availability Zone DNS affinity for additional details. Only valid fornetworktype load balancers.
- DropInvalid boolHeader Fields 
- Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type application.
- EnableDeletion boolProtection 
- If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to false.
- EnableHttp2 bool
- Whether HTTP/2 is enabled in applicationload balancers. Defaults totrue.
- EnableTls boolVersion And Cipher Suite Headers 
- Whether the two headers (x-amzn-tls-versionandx-amzn-tls-cipher-suite), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication. Defaults tofalse
- EnableWaf boolFail Open 
- Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to false.
- EnableXff boolClient Port 
- Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in applicationload balancers. Defaults tofalse.
- EnableZonal boolShift 
- Whether zonal shift is enabled. Defaults to false.
- EnforceSecurity stringGroup Inbound Rules On Private Link Traffic 
- Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type network. The possible values areonandoff.
- IdleTimeout int
- Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type application. Default: 60.
- Internal bool
- If true, the LB will be internal. Defaults to false.
- IpAddress stringType 
- Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: ipv4(all load balancer types),dualstack(all load balancer types), anddualstack-without-public-ipv4(typeapplicationonly).
- Listener Listener
- A listener to create. Only one of [listener] and [listeners] can be specified.
- Listeners List<Listener>
- List of listeners to create. Only one of [listener] and [listeners] can be specified.
- Name string
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with tf-lb.
- NamePrefix string
- Creates a unique name beginning with the specified prefix. Conflicts with name.
- PreserveHost boolHeader 
- Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to false.
- SecurityGroups List<string>
- List of security group IDs to assign to the LB. Only valid for Load Balancers of type applicationornetwork. For load balancers of typenetworksecurity groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.
- SubnetIds List<string>
- List of subnet IDs to attach to the LB. For Load Balancers of type networksubnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetworkwill force a recreation of the resource.
- SubnetMappings List<Pulumi.Aws. LB. Inputs. Load Balancer Subnet Mapping> 
- Subnet mapping block. See below. For Load Balancers of type networksubnet mappings can only be added.
- Subnets
List<Pulumi.Aws. Ec2. Subnet> 
- A list of subnets to attach to the LB. Only one of [subnets], [subnetIds] or [subnetMappings] can be specified
- Dictionary<string, string>
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- XffHeader stringProcessing Mode 
- Determines how the load balancer modifies the X-Forwarded-Forheader in the HTTP request before sending the request to the target. The possible values areappend,preserve, andremove. Only valid for Load Balancers of typeapplication. The default isappend.
- AccessLogs LoadBalancer Access Logs Args 
- Access Logs block. See below. - This type is defined in the AWS Classic package. 
- ClientKeep intAlive 
- Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- ConnectionLogs LoadBalancer Connection Logs Args 
- Connection Logs block. See below. Only valid for Load Balancers of type - application.- This type is defined in the AWS Classic package. 
- CustomerOwned stringIpv4Pool 
- ID of the customer owned ipv4 pool to use for this load balancer.
- DefaultSecurity DefaultGroup Security Group Args 
- Options for creating a default security group if [securityGroups] not specified.
- DefaultTarget TargetGroup Group Args 
- Options creating a default target group.
- DefaultTarget intGroup Port 
- Port to use to connect with the target. Valid values are ports 1-65535. Defaults to 80.
- DesyncMitigation stringMode 
- How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are monitor,defensive(default),strictest.
- DnsRecord stringClient Routing Policy 
- How traffic is distributed among the load balancer Availability Zones. Possible values are any_availability_zone(default),availability_zone_affinity, orpartial_availability_zone_affinity. See Availability Zone DNS affinity for additional details. Only valid fornetworktype load balancers.
- DropInvalid boolHeader Fields 
- Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type application.
- EnableDeletion boolProtection 
- If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to false.
- EnableHttp2 bool
- Whether HTTP/2 is enabled in applicationload balancers. Defaults totrue.
- EnableTls boolVersion And Cipher Suite Headers 
- Whether the two headers (x-amzn-tls-versionandx-amzn-tls-cipher-suite), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication. Defaults tofalse
- EnableWaf boolFail Open 
- Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to false.
- EnableXff boolClient Port 
- Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in applicationload balancers. Defaults tofalse.
- EnableZonal boolShift 
- Whether zonal shift is enabled. Defaults to false.
- EnforceSecurity stringGroup Inbound Rules On Private Link Traffic 
- Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type network. The possible values areonandoff.
- IdleTimeout int
- Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type application. Default: 60.
- Internal bool
- If true, the LB will be internal. Defaults to false.
- IpAddress stringType 
- Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: ipv4(all load balancer types),dualstack(all load balancer types), anddualstack-without-public-ipv4(typeapplicationonly).
- Listener
ListenerArgs 
- A listener to create. Only one of [listener] and [listeners] can be specified.
- Listeners
[]ListenerArgs 
- List of listeners to create. Only one of [listener] and [listeners] can be specified.
- Name string
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with tf-lb.
- NamePrefix string
- Creates a unique name beginning with the specified prefix. Conflicts with name.
- PreserveHost boolHeader 
- Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to false.
- SecurityGroups []string
- List of security group IDs to assign to the LB. Only valid for Load Balancers of type applicationornetwork. For load balancers of typenetworksecurity groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.
- SubnetIds []string
- List of subnet IDs to attach to the LB. For Load Balancers of type networksubnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetworkwill force a recreation of the resource.
- SubnetMappings LoadBalancer Subnet Mapping Args 
- Subnet mapping block. See below. For Load Balancers of type networksubnet mappings can only be added.
- Subnets Subnet
- A list of subnets to attach to the LB. Only one of [subnets], [subnetIds] or [subnetMappings] can be specified
- map[string]string
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- XffHeader stringProcessing Mode 
- Determines how the load balancer modifies the X-Forwarded-Forheader in the HTTP request before sending the request to the target. The possible values areappend,preserve, andremove. Only valid for Load Balancers of typeapplication. The default isappend.
- accessLogs LoadBalancer Access Logs 
- Access Logs block. See below. - This type is defined in the AWS Classic package. 
- clientKeep IntegerAlive 
- Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- connectionLogs LoadBalancer Connection Logs 
- Connection Logs block. See below. Only valid for Load Balancers of type - application.- This type is defined in the AWS Classic package. 
- customerOwned StringIpv4Pool 
- ID of the customer owned ipv4 pool to use for this load balancer.
- defaultSecurity DefaultGroup Security Group 
- Options for creating a default security group if [securityGroups] not specified.
- defaultTarget TargetGroup Group 
- Options creating a default target group.
- defaultTarget IntegerGroup Port 
- Port to use to connect with the target. Valid values are ports 1-65535. Defaults to 80.
- desyncMitigation StringMode 
- How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are monitor,defensive(default),strictest.
- dnsRecord StringClient Routing Policy 
- How traffic is distributed among the load balancer Availability Zones. Possible values are any_availability_zone(default),availability_zone_affinity, orpartial_availability_zone_affinity. See Availability Zone DNS affinity for additional details. Only valid fornetworktype load balancers.
- dropInvalid BooleanHeader Fields 
- Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type application.
- enableDeletion BooleanProtection 
- If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to false.
- enableHttp2 Boolean
- Whether HTTP/2 is enabled in applicationload balancers. Defaults totrue.
- enableTls BooleanVersion And Cipher Suite Headers 
- Whether the two headers (x-amzn-tls-versionandx-amzn-tls-cipher-suite), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication. Defaults tofalse
- enableWaf BooleanFail Open 
- Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to false.
- enableXff BooleanClient Port 
- Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in applicationload balancers. Defaults tofalse.
- enableZonal BooleanShift 
- Whether zonal shift is enabled. Defaults to false.
- enforceSecurity StringGroup Inbound Rules On Private Link Traffic 
- Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type network. The possible values areonandoff.
- idleTimeout Integer
- Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type application. Default: 60.
- internal Boolean
- If true, the LB will be internal. Defaults to false.
- ipAddress StringType 
- Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: ipv4(all load balancer types),dualstack(all load balancer types), anddualstack-without-public-ipv4(typeapplicationonly).
- listener Listener
- A listener to create. Only one of [listener] and [listeners] can be specified.
- listeners List<Listener>
- List of listeners to create. Only one of [listener] and [listeners] can be specified.
- name String
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with tf-lb.
- namePrefix String
- Creates a unique name beginning with the specified prefix. Conflicts with name.
- preserveHost BooleanHeader 
- Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to false.
- securityGroups List<String>
- List of security group IDs to assign to the LB. Only valid for Load Balancers of type applicationornetwork. For load balancers of typenetworksecurity groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.
- subnetIds List<String>
- List of subnet IDs to attach to the LB. For Load Balancers of type networksubnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetworkwill force a recreation of the resource.
- subnetMappings List<LoadBalancer Subnet Mapping> 
- Subnet mapping block. See below. For Load Balancers of type networksubnet mappings can only be added.
- subnets List<Subnet>
- A list of subnets to attach to the LB. Only one of [subnets], [subnetIds] or [subnetMappings] can be specified
- Map<String,String>
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- xffHeader StringProcessing Mode 
- Determines how the load balancer modifies the X-Forwarded-Forheader in the HTTP request before sending the request to the target. The possible values areappend,preserve, andremove. Only valid for Load Balancers of typeapplication. The default isappend.
- accessLogs pulumiAws.types.input. Load Balancer Access Logs 
- Access Logs block. See below. - This type is defined in the AWS Classic package. 
- clientKeep numberAlive 
- Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- connectionLogs pulumiAws.types.input. Load Balancer Connection Logs 
- Connection Logs block. See below. Only valid for Load Balancers of type - application.- This type is defined in the AWS Classic package. 
- customerOwned stringIpv4Pool 
- ID of the customer owned ipv4 pool to use for this load balancer.
- defaultSecurity awsx.Group Default Security Group 
- Options for creating a default security group if [securityGroups] not specified.
- defaultTarget TargetGroup Group 
- Options creating a default target group.
- defaultTarget numberGroup Port 
- Port to use to connect with the target. Valid values are ports 1-65535. Defaults to 80.
- desyncMitigation stringMode 
- How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are monitor,defensive(default),strictest.
- dnsRecord stringClient Routing Policy 
- How traffic is distributed among the load balancer Availability Zones. Possible values are any_availability_zone(default),availability_zone_affinity, orpartial_availability_zone_affinity. See Availability Zone DNS affinity for additional details. Only valid fornetworktype load balancers.
- dropInvalid booleanHeader Fields 
- Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type application.
- enableDeletion booleanProtection 
- If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to false.
- enableHttp2 boolean
- Whether HTTP/2 is enabled in applicationload balancers. Defaults totrue.
- enableTls booleanVersion And Cipher Suite Headers 
- Whether the two headers (x-amzn-tls-versionandx-amzn-tls-cipher-suite), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication. Defaults tofalse
- enableWaf booleanFail Open 
- Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to false.
- enableXff booleanClient Port 
- Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in applicationload balancers. Defaults tofalse.
- enableZonal booleanShift 
- Whether zonal shift is enabled. Defaults to false.
- enforceSecurity stringGroup Inbound Rules On Private Link Traffic 
- Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type network. The possible values areonandoff.
- idleTimeout number
- Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type application. Default: 60.
- internal boolean
- If true, the LB will be internal. Defaults to false.
- ipAddress stringType 
- Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: ipv4(all load balancer types),dualstack(all load balancer types), anddualstack-without-public-ipv4(typeapplicationonly).
- listener Listener
- A listener to create. Only one of [listener] and [listeners] can be specified.
- listeners Listener[]
- List of listeners to create. Only one of [listener] and [listeners] can be specified.
- name string
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with tf-lb.
- namePrefix string
- Creates a unique name beginning with the specified prefix. Conflicts with name.
- preserveHost booleanHeader 
- Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to false.
- securityGroups string[]
- List of security group IDs to assign to the LB. Only valid for Load Balancers of type applicationornetwork. For load balancers of typenetworksecurity groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.
- subnetIds string[]
- List of subnet IDs to attach to the LB. For Load Balancers of type networksubnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetworkwill force a recreation of the resource.
- subnetMappings pulumiAws.types.input. Load Balancer Subnet Mapping[] 
- Subnet mapping block. See below. For Load Balancers of type networksubnet mappings can only be added.
- subnets
pulumiAws.ec2. Subnet[] 
- A list of subnets to attach to the LB. Only one of [subnets], [subnetIds] or [subnetMappings] can be specified
- {[key: string]: string}
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- xffHeader stringProcessing Mode 
- Determines how the load balancer modifies the X-Forwarded-Forheader in the HTTP request before sending the request to the target. The possible values areappend,preserve, andremove. Only valid for Load Balancers of typeapplication. The default isappend.
- access_logs pulumi_aws.lb. Load Balancer Access Logs Args 
- Access Logs block. See below. - This type is defined in the AWS Classic package. 
- client_keep_ intalive 
- Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- connection_logs pulumi_aws.lb. Load Balancer Connection Logs Args 
- Connection Logs block. See below. Only valid for Load Balancers of type - application.- This type is defined in the AWS Classic package. 
- customer_owned_ stripv4_ pool 
- ID of the customer owned ipv4 pool to use for this load balancer.
- default_security_ awsx.group Default Security Group Args 
- Options for creating a default security group if [securityGroups] not specified.
- default_target_ Targetgroup Group Args 
- Options creating a default target group.
- default_target_ intgroup_ port 
- Port to use to connect with the target. Valid values are ports 1-65535. Defaults to 80.
- desync_mitigation_ strmode 
- How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are monitor,defensive(default),strictest.
- dns_record_ strclient_ routing_ policy 
- How traffic is distributed among the load balancer Availability Zones. Possible values are any_availability_zone(default),availability_zone_affinity, orpartial_availability_zone_affinity. See Availability Zone DNS affinity for additional details. Only valid fornetworktype load balancers.
- drop_invalid_ boolheader_ fields 
- Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type application.
- enable_deletion_ boolprotection 
- If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to false.
- enable_http2 bool
- Whether HTTP/2 is enabled in applicationload balancers. Defaults totrue.
- enable_tls_ boolversion_ and_ cipher_ suite_ headers 
- Whether the two headers (x-amzn-tls-versionandx-amzn-tls-cipher-suite), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication. Defaults tofalse
- enable_waf_ boolfail_ open 
- Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to false.
- enable_xff_ boolclient_ port 
- Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in applicationload balancers. Defaults tofalse.
- enable_zonal_ boolshift 
- Whether zonal shift is enabled. Defaults to false.
- enforce_security_ strgroup_ inbound_ rules_ on_ private_ link_ traffic 
- Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type network. The possible values areonandoff.
- idle_timeout int
- Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type application. Default: 60.
- internal bool
- If true, the LB will be internal. Defaults to false.
- ip_address_ strtype 
- Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: ipv4(all load balancer types),dualstack(all load balancer types), anddualstack-without-public-ipv4(typeapplicationonly).
- listener
ListenerArgs 
- A listener to create. Only one of [listener] and [listeners] can be specified.
- listeners
Sequence[ListenerArgs] 
- List of listeners to create. Only one of [listener] and [listeners] can be specified.
- name str
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with tf-lb.
- name_prefix str
- Creates a unique name beginning with the specified prefix. Conflicts with name.
- preserve_host_ boolheader 
- Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to false.
- security_groups Sequence[str]
- List of security group IDs to assign to the LB. Only valid for Load Balancers of type applicationornetwork. For load balancers of typenetworksecurity groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.
- subnet_ids Sequence[str]
- List of subnet IDs to attach to the LB. For Load Balancers of type networksubnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetworkwill force a recreation of the resource.
- subnet_mappings Sequence[pulumi_aws.lb. Load Balancer Subnet Mapping Args] 
- Subnet mapping block. See below. For Load Balancers of type networksubnet mappings can only be added.
- subnets
Sequence[pulumi_aws.ec2. Subnet] 
- A list of subnets to attach to the LB. Only one of [subnets], [subnetIds] or [subnetMappings] can be specified
- Mapping[str, str]
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- xff_header_ strprocessing_ mode 
- Determines how the load balancer modifies the X-Forwarded-Forheader in the HTTP request before sending the request to the target. The possible values areappend,preserve, andremove. Only valid for Load Balancers of typeapplication. The default isappend.
- accessLogs Property Map
- Access Logs block. See below. - This type is defined in the AWS Classic package. 
- clientKeep NumberAlive 
- Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- connectionLogs Property Map
- Connection Logs block. See below. Only valid for Load Balancers of type - application.- This type is defined in the AWS Classic package. 
- customerOwned StringIpv4Pool 
- ID of the customer owned ipv4 pool to use for this load balancer.
- defaultSecurity Property MapGroup 
- Options for creating a default security group if [securityGroups] not specified.
- defaultTarget Property MapGroup 
- Options creating a default target group.
- defaultTarget NumberGroup Port 
- Port to use to connect with the target. Valid values are ports 1-65535. Defaults to 80.
- desyncMitigation StringMode 
- How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are monitor,defensive(default),strictest.
- dnsRecord StringClient Routing Policy 
- How traffic is distributed among the load balancer Availability Zones. Possible values are any_availability_zone(default),availability_zone_affinity, orpartial_availability_zone_affinity. See Availability Zone DNS affinity for additional details. Only valid fornetworktype load balancers.
- dropInvalid BooleanHeader Fields 
- Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type application.
- enableDeletion BooleanProtection 
- If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to false.
- enableHttp2 Boolean
- Whether HTTP/2 is enabled in applicationload balancers. Defaults totrue.
- enableTls BooleanVersion And Cipher Suite Headers 
- Whether the two headers (x-amzn-tls-versionandx-amzn-tls-cipher-suite), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication. Defaults tofalse
- enableWaf BooleanFail Open 
- Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to false.
- enableXff BooleanClient Port 
- Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in applicationload balancers. Defaults tofalse.
- enableZonal BooleanShift 
- Whether zonal shift is enabled. Defaults to false.
- enforceSecurity StringGroup Inbound Rules On Private Link Traffic 
- Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type network. The possible values areonandoff.
- idleTimeout Number
- Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type application. Default: 60.
- internal Boolean
- If true, the LB will be internal. Defaults to false.
- ipAddress StringType 
- Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: ipv4(all load balancer types),dualstack(all load balancer types), anddualstack-without-public-ipv4(typeapplicationonly).
- listener Property Map
- A listener to create. Only one of [listener] and [listeners] can be specified.
- listeners List<Property Map>
- List of listeners to create. Only one of [listener] and [listeners] can be specified.
- name String
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with tf-lb.
- namePrefix String
- Creates a unique name beginning with the specified prefix. Conflicts with name.
- preserveHost BooleanHeader 
- Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to false.
- securityGroups List<String>
- List of security group IDs to assign to the LB. Only valid for Load Balancers of type applicationornetwork. For load balancers of typenetworksecurity groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.
- subnetIds List<String>
- List of subnet IDs to attach to the LB. For Load Balancers of type networksubnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetworkwill force a recreation of the resource.
- subnetMappings List<Property Map>
- Subnet mapping block. See below. For Load Balancers of type networksubnet mappings can only be added.
- subnets List<aws:ec2:Subnet>
- A list of subnets to attach to the LB. Only one of [subnets], [subnetIds] or [subnetMappings] can be specified
- Map<String>
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- xffHeader StringProcessing Mode 
- Determines how the load balancer modifies the X-Forwarded-Forheader in the HTTP request before sending the request to the target. The possible values areappend,preserve, andremove. Only valid for Load Balancers of typeapplication. The default isappend.
Outputs
All input properties are implicitly available as output properties. Additionally, the ApplicationLoadBalancer resource produces the following output properties:
- LoadBalancer Pulumi.Aws. LB. Load Balancer 
- Underlying Load Balancer resource This type is defined in the AWS Classic package.
- VpcId string
- Id of the VPC in which this load balancer is operating
- LoadBalancer LoadBalancer 
- Underlying Load Balancer resource This type is defined in the AWS Classic package.
- VpcId string
- Id of the VPC in which this load balancer is operating
- loadBalancer LoadBalancer 
- Underlying Load Balancer resource This type is defined in the AWS Classic package.
- vpcId String
- Id of the VPC in which this load balancer is operating
- loadBalancer pulumiAws. Load Balancer 
- Underlying Load Balancer resource This type is defined in the AWS Classic package.
- vpcId string
- Id of the VPC in which this load balancer is operating
- load_balancer pulumi_aws.lb. Load Balancer 
- Underlying Load Balancer resource This type is defined in the AWS Classic package.
- vpc_id str
- Id of the VPC in which this load balancer is operating
- loadBalancer aws::LoadBalancer 
- Underlying Load Balancer resource This type is defined in the AWS Classic package.
- vpcId String
- Id of the VPC in which this load balancer is operating
Supporting Types
DefaultSecurityGroup, DefaultSecurityGroupArgs      
- Args
Pulumi.Awsx. Awsx. Inputs. Security Group 
- Args to use when creating the security group. Can't be specified if securityGroupIdis used.
- SecurityGroup stringId 
- Id of existing security group to use instead of creating a new security group. Cannot be used in combination with argsoropts.
- Skip bool
- Skips creation of the security group if set to true.
- Args
SecurityGroup 
- Args to use when creating the security group. Can't be specified if securityGroupIdis used.
- SecurityGroup stringId 
- Id of existing security group to use instead of creating a new security group. Cannot be used in combination with argsoropts.
- Skip bool
- Skips creation of the security group if set to true.
- args
SecurityGroup 
- Args to use when creating the security group. Can't be specified if securityGroupIdis used.
- securityGroup StringId 
- Id of existing security group to use instead of creating a new security group. Cannot be used in combination with argsoropts.
- skip Boolean
- Skips creation of the security group if set to true.
- args
awsx.Security Group 
- Args to use when creating the security group. Can't be specified if securityGroupIdis used.
- securityGroup stringId 
- Id of existing security group to use instead of creating a new security group. Cannot be used in combination with argsoropts.
- skip boolean
- Skips creation of the security group if set to true.
- args
awsx.Security Group 
- Args to use when creating the security group. Can't be specified if securityGroupIdis used.
- security_group_ strid 
- Id of existing security group to use instead of creating a new security group. Cannot be used in combination with argsoropts.
- skip bool
- Skips creation of the security group if set to true.
- args Property Map
- Args to use when creating the security group. Can't be specified if securityGroupIdis used.
- securityGroup StringId 
- Id of existing security group to use instead of creating a new security group. Cannot be used in combination with argsoropts.
- skip Boolean
- Skips creation of the security group if set to true.
Listener, ListenerArgs  
- AlpnPolicy string
- Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.
- CertificateArn string
- ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificateresource.
- DefaultActions List<Pulumi.Aws. LB. Inputs. Listener Default Action> 
- Configuration block for default actions. See below.
- MutualAuthentication Pulumi.Aws. LB. Inputs. Listener Mutual Authentication 
- The mutual authentication configuration information. See below. - This type is defined in the AWS Classic package. 
- Port int
- Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- Protocol string
- Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.
- SslPolicy string
- Name of the SSL Policy for the listener. Required if protocolisHTTPSorTLS. Default isELBSecurityPolicy-2016-08.
- Dictionary<string, string>
- A map of tags to assign to the resource. .If configured with a provider - default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Note:: When a - Namekey is specified in the map, the AWS Console maps the value to the- Name Tagcolumn value inside the- Listener Rulestable within a specific load balancer listener page. Otherwise, the value resolves to- Default.
- TcpIdle intTimeout Seconds 
- TCP idle timeout value in seconds. Can only be set if protocol is TCPon Network Load Balancer, or with a Gateway Load Balancer. Not supported for Application Load Balancers. Valid values are between60and6000inclusive. Default:350.
- AlpnPolicy string
- Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.
- CertificateArn string
- ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificateresource.
- DefaultActions ListenerDefault Action 
- Configuration block for default actions. See below.
- MutualAuthentication ListenerMutual Authentication 
- The mutual authentication configuration information. See below. - This type is defined in the AWS Classic package. 
- Port int
- Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- Protocol string
- Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.
- SslPolicy string
- Name of the SSL Policy for the listener. Required if protocolisHTTPSorTLS. Default isELBSecurityPolicy-2016-08.
- map[string]string
- A map of tags to assign to the resource. .If configured with a provider - default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Note:: When a - Namekey is specified in the map, the AWS Console maps the value to the- Name Tagcolumn value inside the- Listener Rulestable within a specific load balancer listener page. Otherwise, the value resolves to- Default.
- TcpIdle intTimeout Seconds 
- TCP idle timeout value in seconds. Can only be set if protocol is TCPon Network Load Balancer, or with a Gateway Load Balancer. Not supported for Application Load Balancers. Valid values are between60and6000inclusive. Default:350.
- alpnPolicy String
- Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.
- certificateArn String
- ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificateresource.
- defaultActions List<ListenerDefault Action> 
- Configuration block for default actions. See below.
- mutualAuthentication ListenerMutual Authentication 
- The mutual authentication configuration information. See below. - This type is defined in the AWS Classic package. 
- port Integer
- Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- protocol String
- Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.
- sslPolicy String
- Name of the SSL Policy for the listener. Required if protocolisHTTPSorTLS. Default isELBSecurityPolicy-2016-08.
- Map<String,String>
- A map of tags to assign to the resource. .If configured with a provider - default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Note:: When a - Namekey is specified in the map, the AWS Console maps the value to the- Name Tagcolumn value inside the- Listener Rulestable within a specific load balancer listener page. Otherwise, the value resolves to- Default.
- tcpIdle IntegerTimeout Seconds 
- TCP idle timeout value in seconds. Can only be set if protocol is TCPon Network Load Balancer, or with a Gateway Load Balancer. Not supported for Application Load Balancers. Valid values are between60and6000inclusive. Default:350.
- alpnPolicy string
- Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.
- certificateArn string
- ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificateresource.
- defaultActions pulumiAws.types.input. Listener Default Action[] 
- Configuration block for default actions. See below.
- mutualAuthentication pulumiAws.types.input. Listener Mutual Authentication 
- The mutual authentication configuration information. See below. - This type is defined in the AWS Classic package. 
- port number
- Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- protocol string
- Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.
- sslPolicy string
- Name of the SSL Policy for the listener. Required if protocolisHTTPSorTLS. Default isELBSecurityPolicy-2016-08.
- {[key: string]: string}
- A map of tags to assign to the resource. .If configured with a provider - default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Note:: When a - Namekey is specified in the map, the AWS Console maps the value to the- Name Tagcolumn value inside the- Listener Rulestable within a specific load balancer listener page. Otherwise, the value resolves to- Default.
- tcpIdle numberTimeout Seconds 
- TCP idle timeout value in seconds. Can only be set if protocol is TCPon Network Load Balancer, or with a Gateway Load Balancer. Not supported for Application Load Balancers. Valid values are between60and6000inclusive. Default:350.
- alpn_policy str
- Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.
- certificate_arn str
- ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificateresource.
- default_actions Sequence[pulumi_aws.lb. Listener Default Action Args] 
- Configuration block for default actions. See below.
- mutual_authentication pulumi_aws.lb. Listener Mutual Authentication Args 
- The mutual authentication configuration information. See below. - This type is defined in the AWS Classic package. 
- port int
- Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- protocol str
- Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.
- ssl_policy str
- Name of the SSL Policy for the listener. Required if protocolisHTTPSorTLS. Default isELBSecurityPolicy-2016-08.
- Mapping[str, str]
- A map of tags to assign to the resource. .If configured with a provider - default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Note:: When a - Namekey is specified in the map, the AWS Console maps the value to the- Name Tagcolumn value inside the- Listener Rulestable within a specific load balancer listener page. Otherwise, the value resolves to- Default.
- tcp_idle_ inttimeout_ seconds 
- TCP idle timeout value in seconds. Can only be set if protocol is TCPon Network Load Balancer, or with a Gateway Load Balancer. Not supported for Application Load Balancers. Valid values are between60and6000inclusive. Default:350.
- alpnPolicy String
- Name of the Application-Layer Protocol Negotiation (ALPN) policy. Can be set if protocolisTLS. Valid values areHTTP1Only,HTTP2Only,HTTP2Optional,HTTP2Preferred, andNone.
- certificateArn String
- ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. For adding additional SSL certificates, see the aws.lb.ListenerCertificateresource.
- defaultActions List<Property Map>
- Configuration block for default actions. See below.
- mutualAuthentication Property Map
- The mutual authentication configuration information. See below. - This type is defined in the AWS Classic package. 
- port Number
- Port on which the load balancer is listening. Not valid for Gateway Load Balancers.
- protocol String
- Protocol for connections from clients to the load balancer. For Application Load Balancers, valid values are HTTPandHTTPS, with a default ofHTTP. For Network Load Balancers, valid values areTCP,TLS,UDP, andTCP_UDP. Not valid to useUDPorTCP_UDPif dual-stack mode is enabled. Not valid for Gateway Load Balancers.
- sslPolicy String
- Name of the SSL Policy for the listener. Required if protocolisHTTPSorTLS. Default isELBSecurityPolicy-2016-08.
- Map<String>
- A map of tags to assign to the resource. .If configured with a provider - default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Note:: When a - Namekey is specified in the map, the AWS Console maps the value to the- Name Tagcolumn value inside the- Listener Rulestable within a specific load balancer listener page. Otherwise, the value resolves to- Default.
- tcpIdle NumberTimeout Seconds 
- TCP idle timeout value in seconds. Can only be set if protocol is TCPon Network Load Balancer, or with a Gateway Load Balancer. Not supported for Application Load Balancers. Valid values are between60and6000inclusive. Default:350.
SecurityGroup, SecurityGroupArgs    
- Description string
- Security group description. Defaults to Managed by Pulumi. Cannot be"". NOTE: This field maps to the AWSGroupDescriptionattribute, for which there is no Update API. If you'd like to classify your security groups in a way that can be updated, usetags.
- Egress
List<Pulumi.Aws. Ec2. Inputs. Security Group Egress> 
- Configuration block for egress rules. Can be specified multiple times for each egress rule. Each egress block supports fields documented below. This argument is processed in attribute-as-blocks mode.
- Ingress
List<Pulumi.Aws. Ec2. Inputs. Security Group Ingress> 
- Configuration block for ingress rules. Can be specified multiple times for each ingress rule. Each ingress block supports fields documented below. This argument is processed in attribute-as-blocks mode.
- Name string
- Name of the security group. If omitted, the provider will assign a random, unique name.
- NamePrefix string
- Creates a unique name beginning with the specified prefix. Conflicts with name.
- RevokeRules boolOn Delete 
- Instruct the provider to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first. Default false.
- Dictionary<string, string>
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- VpcId string
- VPC ID. Defaults to the region's default VPC.
- Description string
- Security group description. Defaults to Managed by Pulumi. Cannot be"". NOTE: This field maps to the AWSGroupDescriptionattribute, for which there is no Update API. If you'd like to classify your security groups in a way that can be updated, usetags.
- Egress
SecurityGroup Egress 
- Configuration block for egress rules. Can be specified multiple times for each egress rule. Each egress block supports fields documented below. This argument is processed in attribute-as-blocks mode.
- Ingress
SecurityGroup Ingress 
- Configuration block for ingress rules. Can be specified multiple times for each ingress rule. Each ingress block supports fields documented below. This argument is processed in attribute-as-blocks mode.
- Name string
- Name of the security group. If omitted, the provider will assign a random, unique name.
- NamePrefix string
- Creates a unique name beginning with the specified prefix. Conflicts with name.
- RevokeRules boolOn Delete 
- Instruct the provider to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first. Default false.
- map[string]string
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- VpcId string
- VPC ID. Defaults to the region's default VPC.
- description String
- Security group description. Defaults to Managed by Pulumi. Cannot be"". NOTE: This field maps to the AWSGroupDescriptionattribute, for which there is no Update API. If you'd like to classify your security groups in a way that can be updated, usetags.
- egress
List<SecurityGroup Egress> 
- Configuration block for egress rules. Can be specified multiple times for each egress rule. Each egress block supports fields documented below. This argument is processed in attribute-as-blocks mode.
- ingress
List<SecurityGroup Ingress> 
- Configuration block for ingress rules. Can be specified multiple times for each ingress rule. Each ingress block supports fields documented below. This argument is processed in attribute-as-blocks mode.
- name String
- Name of the security group. If omitted, the provider will assign a random, unique name.
- namePrefix String
- Creates a unique name beginning with the specified prefix. Conflicts with name.
- revokeRules BooleanOn Delete 
- Instruct the provider to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first. Default false.
- Map<String,String>
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- vpcId String
- VPC ID. Defaults to the region's default VPC.
- description string
- Security group description. Defaults to Managed by Pulumi. Cannot be"". NOTE: This field maps to the AWSGroupDescriptionattribute, for which there is no Update API. If you'd like to classify your security groups in a way that can be updated, usetags.
- egress
pulumiAws.types.input.ec2. Security Group Egress[] 
- Configuration block for egress rules. Can be specified multiple times for each egress rule. Each egress block supports fields documented below. This argument is processed in attribute-as-blocks mode.
- ingress
pulumiAws.types.input.ec2. Security Group Ingress[] 
- Configuration block for ingress rules. Can be specified multiple times for each ingress rule. Each ingress block supports fields documented below. This argument is processed in attribute-as-blocks mode.
- name string
- Name of the security group. If omitted, the provider will assign a random, unique name.
- namePrefix string
- Creates a unique name beginning with the specified prefix. Conflicts with name.
- revokeRules booleanOn Delete 
- Instruct the provider to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first. Default false.
- {[key: string]: string}
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- vpcId string
- VPC ID. Defaults to the region's default VPC.
- description str
- Security group description. Defaults to Managed by Pulumi. Cannot be"". NOTE: This field maps to the AWSGroupDescriptionattribute, for which there is no Update API. If you'd like to classify your security groups in a way that can be updated, usetags.
- egress
Sequence[pulumi_aws.ec2. Security Group Egress Args] 
- Configuration block for egress rules. Can be specified multiple times for each egress rule. Each egress block supports fields documented below. This argument is processed in attribute-as-blocks mode.
- ingress
Sequence[pulumi_aws.ec2. Security Group Ingress Args] 
- Configuration block for ingress rules. Can be specified multiple times for each ingress rule. Each ingress block supports fields documented below. This argument is processed in attribute-as-blocks mode.
- name str
- Name of the security group. If omitted, the provider will assign a random, unique name.
- name_prefix str
- Creates a unique name beginning with the specified prefix. Conflicts with name.
- revoke_rules_ boolon_ delete 
- Instruct the provider to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first. Default false.
- Mapping[str, str]
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- vpc_id str
- VPC ID. Defaults to the region's default VPC.
- description String
- Security group description. Defaults to Managed by Pulumi. Cannot be"". NOTE: This field maps to the AWSGroupDescriptionattribute, for which there is no Update API. If you'd like to classify your security groups in a way that can be updated, usetags.
- egress List<Property Map>
- Configuration block for egress rules. Can be specified multiple times for each egress rule. Each egress block supports fields documented below. This argument is processed in attribute-as-blocks mode.
- ingress List<Property Map>
- Configuration block for ingress rules. Can be specified multiple times for each ingress rule. Each ingress block supports fields documented below. This argument is processed in attribute-as-blocks mode.
- name String
- Name of the security group. If omitted, the provider will assign a random, unique name.
- namePrefix String
- Creates a unique name beginning with the specified prefix. Conflicts with name.
- revokeRules BooleanOn Delete 
- Instruct the provider to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first. Default false.
- Map<String>
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- vpcId String
- VPC ID. Defaults to the region's default VPC.
TargetGroup, TargetGroupArgs    
- ConnectionTermination bool
- Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See doc for more information. Default is false.
- DeregistrationDelay int
- Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.
- HealthCheck Pulumi.Aws. LB. Inputs. Target Group Health Check 
- Health Check configuration block. Detailed below. - This type is defined in the AWS Classic package. 
- IpAddress stringType 
- The type of IP addresses used by the target group, only supported when target type is set to ip. Possible values areipv4oripv6.
- LambdaMulti boolValue Headers Enabled 
- Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when target_typeislambda. Default isfalse.
- LoadBalancing stringAlgorithm Type 
- Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is round_robin,least_outstanding_requests, orweighted_random. The default isround_robin.
- LoadBalancing stringAnomaly Mitigation 
- Determines whether to enable target anomaly mitigation. Target anomaly mitigation is only supported by the weighted_randomload balancing algorithm type. See doc for more information. The value is"on"or"off". The default is"off".
- LoadBalancing stringCross Zone Enabled 
- Indicates whether cross zone load balancing is enabled. The value is "true","false"or"use_load_balancer_configuration". The default is"use_load_balancer_configuration".
- Name string
- Name of the target group. If omitted, this provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
- NamePrefix string
- Creates a unique name beginning with the specified prefix. Conflicts with name. Cannot be longer than 6 characters.
- Port int
- Port on which targets receive traffic, unless overridden when registering a specific target. Required when target_typeisinstance,iporalb. Does not apply whentarget_typeislambda.
- PreserveClient stringIp 
- Whether client IP preservation is enabled. See doc for more information.
- Protocol string
- Protocol to use for routing traffic to the targets.
Should be one of GENEVE,HTTP,HTTPS,TCP,TCP_UDP,TLS, orUDP. Required whentarget_typeisinstance,ip, oralb. Does not apply whentarget_typeislambda.
- ProtocolVersion string
- Only applicable when protocolisHTTPorHTTPS. The protocol version. SpecifyGRPCto send requests to targets using gRPC. SpecifyHTTP2to send requests to targets using HTTP/2. The default isHTTP1, which sends requests to targets using HTTP/1.1
- ProxyProtocol boolV2 
- Whether to enable support for proxy protocol v2 on Network Load Balancers. See doc for more information. Default is false.
- SlowStart int
- Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.
- Stickiness
Pulumi.Aws. LB. Inputs. Target Group Stickiness 
- Stickiness configuration block. Detailed below. - This type is defined in the AWS Classic package. 
- Dictionary<string, string>
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- TargetFailovers List<Pulumi.Aws. LB. Inputs. Target Group Target Failover> 
- Target failover block. Only applicable for Gateway Load Balancer target groups. See target_failover for more information.
- TargetGroup Pulumi.Health Aws. LB. Inputs. Target Group Target Group Health 
- Target health requirements block. See target_group_health for more information. - This type is defined in the AWS Classic package. 
- TargetHealth List<Pulumi.States Aws. LB. Inputs. Target Group Target Health State> 
- Target health state block. Only applicable for Network Load Balancer target groups when protocolisTCPorTLS. See target_health_state for more information.
- TargetType string
- Type of target that you must specify when registering targets with this target group. See doc for supported values. The default is - instance.- Note that you can't specify targets for a target group using both instance IDs and IP addresses. - If the target type is - ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.- Network Load Balancers do not support the - lambdatarget type.- Application Load Balancers do not support the - albtarget type.
- VpcId string
- Identifier of the VPC in which to create the target group. Required when target_typeisinstance,iporalb. Does not apply whentarget_typeislambda.
- ConnectionTermination bool
- Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See doc for more information. Default is false.
- DeregistrationDelay int
- Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.
- HealthCheck TargetGroup Health Check 
- Health Check configuration block. Detailed below. - This type is defined in the AWS Classic package. 
- IpAddress stringType 
- The type of IP addresses used by the target group, only supported when target type is set to ip. Possible values areipv4oripv6.
- LambdaMulti boolValue Headers Enabled 
- Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when target_typeislambda. Default isfalse.
- LoadBalancing stringAlgorithm Type 
- Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is round_robin,least_outstanding_requests, orweighted_random. The default isround_robin.
- LoadBalancing stringAnomaly Mitigation 
- Determines whether to enable target anomaly mitigation. Target anomaly mitigation is only supported by the weighted_randomload balancing algorithm type. See doc for more information. The value is"on"or"off". The default is"off".
- LoadBalancing stringCross Zone Enabled 
- Indicates whether cross zone load balancing is enabled. The value is "true","false"or"use_load_balancer_configuration". The default is"use_load_balancer_configuration".
- Name string
- Name of the target group. If omitted, this provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
- NamePrefix string
- Creates a unique name beginning with the specified prefix. Conflicts with name. Cannot be longer than 6 characters.
- Port int
- Port on which targets receive traffic, unless overridden when registering a specific target. Required when target_typeisinstance,iporalb. Does not apply whentarget_typeislambda.
- PreserveClient stringIp 
- Whether client IP preservation is enabled. See doc for more information.
- Protocol string
- Protocol to use for routing traffic to the targets.
Should be one of GENEVE,HTTP,HTTPS,TCP,TCP_UDP,TLS, orUDP. Required whentarget_typeisinstance,ip, oralb. Does not apply whentarget_typeislambda.
- ProtocolVersion string
- Only applicable when protocolisHTTPorHTTPS. The protocol version. SpecifyGRPCto send requests to targets using gRPC. SpecifyHTTP2to send requests to targets using HTTP/2. The default isHTTP1, which sends requests to targets using HTTP/1.1
- ProxyProtocol boolV2 
- Whether to enable support for proxy protocol v2 on Network Load Balancers. See doc for more information. Default is false.
- SlowStart int
- Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.
- Stickiness
TargetGroup Stickiness 
- Stickiness configuration block. Detailed below. - This type is defined in the AWS Classic package. 
- map[string]string
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- TargetFailovers TargetGroup Target Failover 
- Target failover block. Only applicable for Gateway Load Balancer target groups. See target_failover for more information.
- TargetGroup TargetHealth Group Target Group Health 
- Target health requirements block. See target_group_health for more information. - This type is defined in the AWS Classic package. 
- TargetHealth TargetStates Group Target Health State 
- Target health state block. Only applicable for Network Load Balancer target groups when protocolisTCPorTLS. See target_health_state for more information.
- TargetType string
- Type of target that you must specify when registering targets with this target group. See doc for supported values. The default is - instance.- Note that you can't specify targets for a target group using both instance IDs and IP addresses. - If the target type is - ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.- Network Load Balancers do not support the - lambdatarget type.- Application Load Balancers do not support the - albtarget type.
- VpcId string
- Identifier of the VPC in which to create the target group. Required when target_typeisinstance,iporalb. Does not apply whentarget_typeislambda.
- connectionTermination Boolean
- Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See doc for more information. Default is false.
- deregistrationDelay Integer
- Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.
- healthCheck TargetGroup Health Check 
- Health Check configuration block. Detailed below. - This type is defined in the AWS Classic package. 
- ipAddress StringType 
- The type of IP addresses used by the target group, only supported when target type is set to ip. Possible values areipv4oripv6.
- lambdaMulti BooleanValue Headers Enabled 
- Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when target_typeislambda. Default isfalse.
- loadBalancing StringAlgorithm Type 
- Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is round_robin,least_outstanding_requests, orweighted_random. The default isround_robin.
- loadBalancing StringAnomaly Mitigation 
- Determines whether to enable target anomaly mitigation. Target anomaly mitigation is only supported by the weighted_randomload balancing algorithm type. See doc for more information. The value is"on"or"off". The default is"off".
- loadBalancing StringCross Zone Enabled 
- Indicates whether cross zone load balancing is enabled. The value is "true","false"or"use_load_balancer_configuration". The default is"use_load_balancer_configuration".
- name String
- Name of the target group. If omitted, this provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
- namePrefix String
- Creates a unique name beginning with the specified prefix. Conflicts with name. Cannot be longer than 6 characters.
- port Integer
- Port on which targets receive traffic, unless overridden when registering a specific target. Required when target_typeisinstance,iporalb. Does not apply whentarget_typeislambda.
- preserveClient StringIp 
- Whether client IP preservation is enabled. See doc for more information.
- protocol String
- Protocol to use for routing traffic to the targets.
Should be one of GENEVE,HTTP,HTTPS,TCP,TCP_UDP,TLS, orUDP. Required whentarget_typeisinstance,ip, oralb. Does not apply whentarget_typeislambda.
- protocolVersion String
- Only applicable when protocolisHTTPorHTTPS. The protocol version. SpecifyGRPCto send requests to targets using gRPC. SpecifyHTTP2to send requests to targets using HTTP/2. The default isHTTP1, which sends requests to targets using HTTP/1.1
- proxyProtocol BooleanV2 
- Whether to enable support for proxy protocol v2 on Network Load Balancers. See doc for more information. Default is false.
- slowStart Integer
- Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.
- stickiness
TargetGroup Stickiness 
- Stickiness configuration block. Detailed below. - This type is defined in the AWS Classic package. 
- Map<String,String>
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- targetFailovers List<TargetGroup Target Failover> 
- Target failover block. Only applicable for Gateway Load Balancer target groups. See target_failover for more information.
- targetGroup TargetHealth Group Target Group Health 
- Target health requirements block. See target_group_health for more information. - This type is defined in the AWS Classic package. 
- targetHealth List<TargetStates Group Target Health State> 
- Target health state block. Only applicable for Network Load Balancer target groups when protocolisTCPorTLS. See target_health_state for more information.
- targetType String
- Type of target that you must specify when registering targets with this target group. See doc for supported values. The default is - instance.- Note that you can't specify targets for a target group using both instance IDs and IP addresses. - If the target type is - ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.- Network Load Balancers do not support the - lambdatarget type.- Application Load Balancers do not support the - albtarget type.
- vpcId String
- Identifier of the VPC in which to create the target group. Required when target_typeisinstance,iporalb. Does not apply whentarget_typeislambda.
- connectionTermination boolean
- Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See doc for more information. Default is false.
- deregistrationDelay number
- Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.
- healthCheck pulumiAws.types.input. Target Group Health Check 
- Health Check configuration block. Detailed below. - This type is defined in the AWS Classic package. 
- ipAddress stringType 
- The type of IP addresses used by the target group, only supported when target type is set to ip. Possible values areipv4oripv6.
- lambdaMulti booleanValue Headers Enabled 
- Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when target_typeislambda. Default isfalse.
- loadBalancing stringAlgorithm Type 
- Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is round_robin,least_outstanding_requests, orweighted_random. The default isround_robin.
- loadBalancing stringAnomaly Mitigation 
- Determines whether to enable target anomaly mitigation. Target anomaly mitigation is only supported by the weighted_randomload balancing algorithm type. See doc for more information. The value is"on"or"off". The default is"off".
- loadBalancing stringCross Zone Enabled 
- Indicates whether cross zone load balancing is enabled. The value is "true","false"or"use_load_balancer_configuration". The default is"use_load_balancer_configuration".
- name string
- Name of the target group. If omitted, this provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
- namePrefix string
- Creates a unique name beginning with the specified prefix. Conflicts with name. Cannot be longer than 6 characters.
- port number
- Port on which targets receive traffic, unless overridden when registering a specific target. Required when target_typeisinstance,iporalb. Does not apply whentarget_typeislambda.
- preserveClient stringIp 
- Whether client IP preservation is enabled. See doc for more information.
- protocol string
- Protocol to use for routing traffic to the targets.
Should be one of GENEVE,HTTP,HTTPS,TCP,TCP_UDP,TLS, orUDP. Required whentarget_typeisinstance,ip, oralb. Does not apply whentarget_typeislambda.
- protocolVersion string
- Only applicable when protocolisHTTPorHTTPS. The protocol version. SpecifyGRPCto send requests to targets using gRPC. SpecifyHTTP2to send requests to targets using HTTP/2. The default isHTTP1, which sends requests to targets using HTTP/1.1
- proxyProtocol booleanV2 
- Whether to enable support for proxy protocol v2 on Network Load Balancers. See doc for more information. Default is false.
- slowStart number
- Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.
- stickiness
pulumiAws.types.input. Target Group Stickiness 
- Stickiness configuration block. Detailed below. - This type is defined in the AWS Classic package. 
- {[key: string]: string}
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- targetFailovers pulumiAws.types.input. Target Group Target Failover[] 
- Target failover block. Only applicable for Gateway Load Balancer target groups. See target_failover for more information.
- targetGroup pulumiHealth Aws.types.input. Target Group Target Group Health 
- Target health requirements block. See target_group_health for more information. - This type is defined in the AWS Classic package. 
- targetHealth pulumiStates Aws.types.input. Target Group Target Health State[] 
- Target health state block. Only applicable for Network Load Balancer target groups when protocolisTCPorTLS. See target_health_state for more information.
- targetType string
- Type of target that you must specify when registering targets with this target group. See doc for supported values. The default is - instance.- Note that you can't specify targets for a target group using both instance IDs and IP addresses. - If the target type is - ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.- Network Load Balancers do not support the - lambdatarget type.- Application Load Balancers do not support the - albtarget type.
- vpcId string
- Identifier of the VPC in which to create the target group. Required when target_typeisinstance,iporalb. Does not apply whentarget_typeislambda.
- connection_termination bool
- Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See doc for more information. Default is false.
- deregistration_delay int
- Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.
- health_check pulumi_aws.lb. Target Group Health Check Args 
- Health Check configuration block. Detailed below. - This type is defined in the AWS Classic package. 
- ip_address_ strtype 
- The type of IP addresses used by the target group, only supported when target type is set to ip. Possible values areipv4oripv6.
- lambda_multi_ boolvalue_ headers_ enabled 
- Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when target_typeislambda. Default isfalse.
- load_balancing_ stralgorithm_ type 
- Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is round_robin,least_outstanding_requests, orweighted_random. The default isround_robin.
- load_balancing_ stranomaly_ mitigation 
- Determines whether to enable target anomaly mitigation. Target anomaly mitigation is only supported by the weighted_randomload balancing algorithm type. See doc for more information. The value is"on"or"off". The default is"off".
- load_balancing_ strcross_ zone_ enabled 
- Indicates whether cross zone load balancing is enabled. The value is "true","false"or"use_load_balancer_configuration". The default is"use_load_balancer_configuration".
- name str
- Name of the target group. If omitted, this provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
- name_prefix str
- Creates a unique name beginning with the specified prefix. Conflicts with name. Cannot be longer than 6 characters.
- port int
- Port on which targets receive traffic, unless overridden when registering a specific target. Required when target_typeisinstance,iporalb. Does not apply whentarget_typeislambda.
- preserve_client_ strip 
- Whether client IP preservation is enabled. See doc for more information.
- protocol str
- Protocol to use for routing traffic to the targets.
Should be one of GENEVE,HTTP,HTTPS,TCP,TCP_UDP,TLS, orUDP. Required whentarget_typeisinstance,ip, oralb. Does not apply whentarget_typeislambda.
- protocol_version str
- Only applicable when protocolisHTTPorHTTPS. The protocol version. SpecifyGRPCto send requests to targets using gRPC. SpecifyHTTP2to send requests to targets using HTTP/2. The default isHTTP1, which sends requests to targets using HTTP/1.1
- proxy_protocol_ boolv2 
- Whether to enable support for proxy protocol v2 on Network Load Balancers. See doc for more information. Default is false.
- slow_start int
- Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.
- stickiness
pulumi_aws.lb. Target Group Stickiness Args 
- Stickiness configuration block. Detailed below. - This type is defined in the AWS Classic package. 
- Mapping[str, str]
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- target_failovers Sequence[pulumi_aws.lb. Target Group Target Failover Args] 
- Target failover block. Only applicable for Gateway Load Balancer target groups. See target_failover for more information.
- target_group_ pulumi_health aws.lb. Target Group Target Group Health Args 
- Target health requirements block. See target_group_health for more information. - This type is defined in the AWS Classic package. 
- target_health_ Sequence[pulumi_states aws.lb. Target Group Target Health State Args] 
- Target health state block. Only applicable for Network Load Balancer target groups when protocolisTCPorTLS. See target_health_state for more information.
- target_type str
- Type of target that you must specify when registering targets with this target group. See doc for supported values. The default is - instance.- Note that you can't specify targets for a target group using both instance IDs and IP addresses. - If the target type is - ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.- Network Load Balancers do not support the - lambdatarget type.- Application Load Balancers do not support the - albtarget type.
- vpc_id str
- Identifier of the VPC in which to create the target group. Required when target_typeisinstance,iporalb. Does not apply whentarget_typeislambda.
- connectionTermination Boolean
- Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See doc for more information. Default is false.
- deregistrationDelay Number
- Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.
- healthCheck Property Map
- Health Check configuration block. Detailed below. - This type is defined in the AWS Classic package. 
- ipAddress StringType 
- The type of IP addresses used by the target group, only supported when target type is set to ip. Possible values areipv4oripv6.
- lambdaMulti BooleanValue Headers Enabled 
- Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies when target_typeislambda. Default isfalse.
- loadBalancing StringAlgorithm Type 
- Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value is round_robin,least_outstanding_requests, orweighted_random. The default isround_robin.
- loadBalancing StringAnomaly Mitigation 
- Determines whether to enable target anomaly mitigation. Target anomaly mitigation is only supported by the weighted_randomload balancing algorithm type. See doc for more information. The value is"on"or"off". The default is"off".
- loadBalancing StringCross Zone Enabled 
- Indicates whether cross zone load balancing is enabled. The value is "true","false"or"use_load_balancer_configuration". The default is"use_load_balancer_configuration".
- name String
- Name of the target group. If omitted, this provider will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.
- namePrefix String
- Creates a unique name beginning with the specified prefix. Conflicts with name. Cannot be longer than 6 characters.
- port Number
- Port on which targets receive traffic, unless overridden when registering a specific target. Required when target_typeisinstance,iporalb. Does not apply whentarget_typeislambda.
- preserveClient StringIp 
- Whether client IP preservation is enabled. See doc for more information.
- protocol String
- Protocol to use for routing traffic to the targets.
Should be one of GENEVE,HTTP,HTTPS,TCP,TCP_UDP,TLS, orUDP. Required whentarget_typeisinstance,ip, oralb. Does not apply whentarget_typeislambda.
- protocolVersion String
- Only applicable when protocolisHTTPorHTTPS. The protocol version. SpecifyGRPCto send requests to targets using gRPC. SpecifyHTTP2to send requests to targets using HTTP/2. The default isHTTP1, which sends requests to targets using HTTP/1.1
- proxyProtocol BooleanV2 
- Whether to enable support for proxy protocol v2 on Network Load Balancers. See doc for more information. Default is false.
- slowStart Number
- Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.
- stickiness Property Map
- Stickiness configuration block. Detailed below. - This type is defined in the AWS Classic package. 
- Map<String>
- Map of tags to assign to the resource. If configured with a provider default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- targetFailovers List<Property Map>
- Target failover block. Only applicable for Gateway Load Balancer target groups. See target_failover for more information.
- targetGroup Property MapHealth 
- Target health requirements block. See target_group_health for more information. - This type is defined in the AWS Classic package. 
- targetHealth List<Property Map>States 
- Target health state block. Only applicable for Network Load Balancer target groups when protocolisTCPorTLS. See target_health_state for more information.
- targetType String
- Type of target that you must specify when registering targets with this target group. See doc for supported values. The default is - instance.- Note that you can't specify targets for a target group using both instance IDs and IP addresses. - If the target type is - ip, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.- Network Load Balancers do not support the - lambdatarget type.- Application Load Balancers do not support the - albtarget type.
- vpcId String
- Identifier of the VPC in which to create the target group. Required when target_typeisinstance,iporalb. Does not apply whentarget_typeislambda.
Package Details
- Repository
- AWSx (Pulumi Crosswalk for AWS) pulumi/pulumi-awsx
- License
- Apache-2.0