aws.lb.LoadBalancer
Explore with Pulumi AI
Provides a Load Balancer resource.
Note:
aws.alb.LoadBalancer
is known asaws.lb.LoadBalancer
. The functionality is identical.
Example Usage
Application Load Balancer
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = new aws.lb.LoadBalancer("test", {
name: "test-lb-tf",
internal: false,
loadBalancerType: "application",
securityGroups: [lbSg.id],
subnets: .map(subnet => (subnet.id)),
enableDeletionProtection: true,
accessLogs: {
bucket: lbLogs.id,
prefix: "test-lb",
enabled: true,
},
tags: {
Environment: "production",
},
});
import pulumi
import pulumi_aws as aws
test = aws.lb.LoadBalancer("test",
name="test-lb-tf",
internal=False,
load_balancer_type="application",
security_groups=[lb_sg["id"]],
subnets=[subnet["id"] for subnet in public],
enable_deletion_protection=True,
access_logs={
"bucket": lb_logs["id"],
"prefix": "test-lb",
"enabled": True,
},
tags={
"Environment": "production",
})
Coming soon!
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var test = new Aws.LB.LoadBalancer("test", new()
{
Name = "test-lb-tf",
Internal = false,
LoadBalancerType = "application",
SecurityGroups = new[]
{
lbSg.Id,
},
Subnets = .Select(subnet =>
{
return subnet.Id;
}).ToList(),
EnableDeletionProtection = true,
AccessLogs = new Aws.LB.Inputs.LoadBalancerAccessLogsArgs
{
Bucket = lbLogs.Id,
Prefix = "test-lb",
Enabled = true,
},
Tags =
{
{ "Environment", "production" },
},
});
});
Coming soon!
Coming soon!
Network Load Balancer
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = new aws.lb.LoadBalancer("test", {
name: "test-lb-tf",
internal: false,
loadBalancerType: "network",
subnets: .map(subnet => (subnet.id)),
enableDeletionProtection: true,
tags: {
Environment: "production",
},
});
import pulumi
import pulumi_aws as aws
test = aws.lb.LoadBalancer("test",
name="test-lb-tf",
internal=False,
load_balancer_type="network",
subnets=[subnet["id"] for subnet in public],
enable_deletion_protection=True,
tags={
"Environment": "production",
})
Coming soon!
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var test = new Aws.LB.LoadBalancer("test", new()
{
Name = "test-lb-tf",
Internal = false,
LoadBalancerType = "network",
Subnets = .Select(subnet =>
{
return subnet.Id;
}).ToList(),
EnableDeletionProtection = true,
Tags =
{
{ "Environment", "production" },
},
});
});
Coming soon!
Coming soon!
Specifying Elastic IPs
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.lb.LoadBalancer("example", {
name: "example",
loadBalancerType: "network",
subnetMappings: [
{
subnetId: example1AwsSubnet.id,
allocationId: example1.id,
},
{
subnetId: example2AwsSubnet.id,
allocationId: example2.id,
},
],
});
import pulumi
import pulumi_aws as aws
example = aws.lb.LoadBalancer("example",
name="example",
load_balancer_type="network",
subnet_mappings=[
{
"subnet_id": example1_aws_subnet["id"],
"allocation_id": example1["id"],
},
{
"subnet_id": example2_aws_subnet["id"],
"allocation_id": example2["id"],
},
])
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := lb.NewLoadBalancer(ctx, "example", &lb.LoadBalancerArgs{
Name: pulumi.String("example"),
LoadBalancerType: pulumi.String("network"),
SubnetMappings: lb.LoadBalancerSubnetMappingArray{
&lb.LoadBalancerSubnetMappingArgs{
SubnetId: pulumi.Any(example1AwsSubnet.Id),
AllocationId: pulumi.Any(example1.Id),
},
&lb.LoadBalancerSubnetMappingArgs{
SubnetId: pulumi.Any(example2AwsSubnet.Id),
AllocationId: pulumi.Any(example2.Id),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.LB.LoadBalancer("example", new()
{
Name = "example",
LoadBalancerType = "network",
SubnetMappings = new[]
{
new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs
{
SubnetId = example1AwsSubnet.Id,
AllocationId = example1.Id,
},
new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs
{
SubnetId = example2AwsSubnet.Id,
AllocationId = example2.Id,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.LoadBalancerArgs;
import com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new LoadBalancer("example", LoadBalancerArgs.builder()
.name("example")
.loadBalancerType("network")
.subnetMappings(
LoadBalancerSubnetMappingArgs.builder()
.subnetId(example1AwsSubnet.id())
.allocationId(example1.id())
.build(),
LoadBalancerSubnetMappingArgs.builder()
.subnetId(example2AwsSubnet.id())
.allocationId(example2.id())
.build())
.build());
}
}
resources:
example:
type: aws:lb:LoadBalancer
properties:
name: example
loadBalancerType: network
subnetMappings:
- subnetId: ${example1AwsSubnet.id}
allocationId: ${example1.id}
- subnetId: ${example2AwsSubnet.id}
allocationId: ${example2.id}
Specifying private IP addresses for an internal-facing load balancer
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.lb.LoadBalancer("example", {
name: "example",
loadBalancerType: "network",
subnetMappings: [
{
subnetId: example1.id,
privateIpv4Address: "10.0.1.15",
},
{
subnetId: example2.id,
privateIpv4Address: "10.0.2.15",
},
],
});
import pulumi
import pulumi_aws as aws
example = aws.lb.LoadBalancer("example",
name="example",
load_balancer_type="network",
subnet_mappings=[
{
"subnet_id": example1["id"],
"private_ipv4_address": "10.0.1.15",
},
{
"subnet_id": example2["id"],
"private_ipv4_address": "10.0.2.15",
},
])
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := lb.NewLoadBalancer(ctx, "example", &lb.LoadBalancerArgs{
Name: pulumi.String("example"),
LoadBalancerType: pulumi.String("network"),
SubnetMappings: lb.LoadBalancerSubnetMappingArray{
&lb.LoadBalancerSubnetMappingArgs{
SubnetId: pulumi.Any(example1.Id),
PrivateIpv4Address: pulumi.String("10.0.1.15"),
},
&lb.LoadBalancerSubnetMappingArgs{
SubnetId: pulumi.Any(example2.Id),
PrivateIpv4Address: pulumi.String("10.0.2.15"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.LB.LoadBalancer("example", new()
{
Name = "example",
LoadBalancerType = "network",
SubnetMappings = new[]
{
new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs
{
SubnetId = example1.Id,
PrivateIpv4Address = "10.0.1.15",
},
new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs
{
SubnetId = example2.Id,
PrivateIpv4Address = "10.0.2.15",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.LoadBalancerArgs;
import com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new LoadBalancer("example", LoadBalancerArgs.builder()
.name("example")
.loadBalancerType("network")
.subnetMappings(
LoadBalancerSubnetMappingArgs.builder()
.subnetId(example1.id())
.privateIpv4Address("10.0.1.15")
.build(),
LoadBalancerSubnetMappingArgs.builder()
.subnetId(example2.id())
.privateIpv4Address("10.0.2.15")
.build())
.build());
}
}
resources:
example:
type: aws:lb:LoadBalancer
properties:
name: example
loadBalancerType: network
subnetMappings:
- subnetId: ${example1.id}
privateIpv4Address: 10.0.1.15
- subnetId: ${example2.id}
privateIpv4Address: 10.0.2.15
Create LoadBalancer Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new LoadBalancer(name: string, args?: LoadBalancerArgs, opts?: CustomResourceOptions);
@overload
def LoadBalancer(resource_name: str,
args: Optional[LoadBalancerArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def LoadBalancer(resource_name: str,
opts: Optional[ResourceOptions] = None,
access_logs: Optional[LoadBalancerAccessLogsArgs] = None,
client_keep_alive: Optional[int] = None,
connection_logs: Optional[LoadBalancerConnectionLogsArgs] = None,
customer_owned_ipv4_pool: Optional[str] = None,
desync_mitigation_mode: Optional[str] = None,
dns_record_client_routing_policy: Optional[str] = None,
drop_invalid_header_fields: Optional[bool] = None,
enable_cross_zone_load_balancing: Optional[bool] = None,
enable_deletion_protection: Optional[bool] = None,
enable_http2: Optional[bool] = None,
enable_tls_version_and_cipher_suite_headers: Optional[bool] = None,
enable_waf_fail_open: Optional[bool] = None,
enable_xff_client_port: Optional[bool] = None,
enforce_security_group_inbound_rules_on_private_link_traffic: Optional[str] = None,
idle_timeout: Optional[int] = None,
internal: Optional[bool] = None,
ip_address_type: Optional[str] = None,
load_balancer_type: Optional[str] = None,
name: Optional[str] = None,
name_prefix: Optional[str] = None,
preserve_host_header: Optional[bool] = None,
security_groups: Optional[Sequence[str]] = None,
subnet_mappings: Optional[Sequence[LoadBalancerSubnetMappingArgs]] = None,
subnets: Optional[Sequence[str]] = None,
tags: Optional[Mapping[str, str]] = None,
xff_header_processing_mode: Optional[str] = None)
func NewLoadBalancer(ctx *Context, name string, args *LoadBalancerArgs, opts ...ResourceOption) (*LoadBalancer, error)
public LoadBalancer(string name, LoadBalancerArgs? args = null, CustomResourceOptions? opts = null)
public LoadBalancer(String name, LoadBalancerArgs args)
public LoadBalancer(String name, LoadBalancerArgs args, CustomResourceOptions options)
type: aws:lb:LoadBalancer
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args LoadBalancerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args LoadBalancerArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args LoadBalancerArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args LoadBalancerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args LoadBalancerArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var exampleloadBalancerResourceResourceFromLbloadBalancer = new Aws.LB.LoadBalancer("exampleloadBalancerResourceResourceFromLbloadBalancer", new()
{
AccessLogs = new Aws.LB.Inputs.LoadBalancerAccessLogsArgs
{
Bucket = "string",
Enabled = false,
Prefix = "string",
},
ClientKeepAlive = 0,
ConnectionLogs = new Aws.LB.Inputs.LoadBalancerConnectionLogsArgs
{
Bucket = "string",
Enabled = false,
Prefix = "string",
},
CustomerOwnedIpv4Pool = "string",
DesyncMitigationMode = "string",
DnsRecordClientRoutingPolicy = "string",
DropInvalidHeaderFields = false,
EnableCrossZoneLoadBalancing = false,
EnableDeletionProtection = false,
EnableHttp2 = false,
EnableTlsVersionAndCipherSuiteHeaders = false,
EnableWafFailOpen = false,
EnableXffClientPort = false,
EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic = "string",
IdleTimeout = 0,
Internal = false,
IpAddressType = "string",
LoadBalancerType = "string",
Name = "string",
NamePrefix = "string",
PreserveHostHeader = false,
SecurityGroups = new[]
{
"string",
},
SubnetMappings = new[]
{
new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs
{
SubnetId = "string",
AllocationId = "string",
Ipv6Address = "string",
OutpostId = "string",
PrivateIpv4Address = "string",
},
},
Subnets = new[]
{
"string",
},
Tags =
{
{ "string", "string" },
},
XffHeaderProcessingMode = "string",
});
example, err := lb.NewLoadBalancer(ctx, "exampleloadBalancerResourceResourceFromLbloadBalancer", &lb.LoadBalancerArgs{
AccessLogs: &lb.LoadBalancerAccessLogsArgs{
Bucket: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Prefix: pulumi.String("string"),
},
ClientKeepAlive: pulumi.Int(0),
ConnectionLogs: &lb.LoadBalancerConnectionLogsArgs{
Bucket: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Prefix: pulumi.String("string"),
},
CustomerOwnedIpv4Pool: pulumi.String("string"),
DesyncMitigationMode: pulumi.String("string"),
DnsRecordClientRoutingPolicy: pulumi.String("string"),
DropInvalidHeaderFields: pulumi.Bool(false),
EnableCrossZoneLoadBalancing: pulumi.Bool(false),
EnableDeletionProtection: pulumi.Bool(false),
EnableHttp2: pulumi.Bool(false),
EnableTlsVersionAndCipherSuiteHeaders: pulumi.Bool(false),
EnableWafFailOpen: pulumi.Bool(false),
EnableXffClientPort: pulumi.Bool(false),
EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic: pulumi.String("string"),
IdleTimeout: pulumi.Int(0),
Internal: pulumi.Bool(false),
IpAddressType: pulumi.String("string"),
LoadBalancerType: pulumi.String("string"),
Name: pulumi.String("string"),
NamePrefix: pulumi.String("string"),
PreserveHostHeader: pulumi.Bool(false),
SecurityGroups: pulumi.StringArray{
pulumi.String("string"),
},
SubnetMappings: lb.LoadBalancerSubnetMappingArray{
&lb.LoadBalancerSubnetMappingArgs{
SubnetId: pulumi.String("string"),
AllocationId: pulumi.String("string"),
Ipv6Address: pulumi.String("string"),
OutpostId: pulumi.String("string"),
PrivateIpv4Address: pulumi.String("string"),
},
},
Subnets: pulumi.StringArray{
pulumi.String("string"),
},
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
XffHeaderProcessingMode: pulumi.String("string"),
})
var exampleloadBalancerResourceResourceFromLbloadBalancer = new LoadBalancer("exampleloadBalancerResourceResourceFromLbloadBalancer", LoadBalancerArgs.builder()
.accessLogs(LoadBalancerAccessLogsArgs.builder()
.bucket("string")
.enabled(false)
.prefix("string")
.build())
.clientKeepAlive(0)
.connectionLogs(LoadBalancerConnectionLogsArgs.builder()
.bucket("string")
.enabled(false)
.prefix("string")
.build())
.customerOwnedIpv4Pool("string")
.desyncMitigationMode("string")
.dnsRecordClientRoutingPolicy("string")
.dropInvalidHeaderFields(false)
.enableCrossZoneLoadBalancing(false)
.enableDeletionProtection(false)
.enableHttp2(false)
.enableTlsVersionAndCipherSuiteHeaders(false)
.enableWafFailOpen(false)
.enableXffClientPort(false)
.enforceSecurityGroupInboundRulesOnPrivateLinkTraffic("string")
.idleTimeout(0)
.internal(false)
.ipAddressType("string")
.loadBalancerType("string")
.name("string")
.namePrefix("string")
.preserveHostHeader(false)
.securityGroups("string")
.subnetMappings(LoadBalancerSubnetMappingArgs.builder()
.subnetId("string")
.allocationId("string")
.ipv6Address("string")
.outpostId("string")
.privateIpv4Address("string")
.build())
.subnets("string")
.tags(Map.of("string", "string"))
.xffHeaderProcessingMode("string")
.build());
exampleload_balancer_resource_resource_from_lbload_balancer = aws.lb.LoadBalancer("exampleloadBalancerResourceResourceFromLbloadBalancer",
access_logs={
"bucket": "string",
"enabled": False,
"prefix": "string",
},
client_keep_alive=0,
connection_logs={
"bucket": "string",
"enabled": False,
"prefix": "string",
},
customer_owned_ipv4_pool="string",
desync_mitigation_mode="string",
dns_record_client_routing_policy="string",
drop_invalid_header_fields=False,
enable_cross_zone_load_balancing=False,
enable_deletion_protection=False,
enable_http2=False,
enable_tls_version_and_cipher_suite_headers=False,
enable_waf_fail_open=False,
enable_xff_client_port=False,
enforce_security_group_inbound_rules_on_private_link_traffic="string",
idle_timeout=0,
internal=False,
ip_address_type="string",
load_balancer_type="string",
name="string",
name_prefix="string",
preserve_host_header=False,
security_groups=["string"],
subnet_mappings=[{
"subnetId": "string",
"allocationId": "string",
"ipv6Address": "string",
"outpostId": "string",
"privateIpv4Address": "string",
}],
subnets=["string"],
tags={
"string": "string",
},
xff_header_processing_mode="string")
const exampleloadBalancerResourceResourceFromLbloadBalancer = new aws.lb.LoadBalancer("exampleloadBalancerResourceResourceFromLbloadBalancer", {
accessLogs: {
bucket: "string",
enabled: false,
prefix: "string",
},
clientKeepAlive: 0,
connectionLogs: {
bucket: "string",
enabled: false,
prefix: "string",
},
customerOwnedIpv4Pool: "string",
desyncMitigationMode: "string",
dnsRecordClientRoutingPolicy: "string",
dropInvalidHeaderFields: false,
enableCrossZoneLoadBalancing: false,
enableDeletionProtection: false,
enableHttp2: false,
enableTlsVersionAndCipherSuiteHeaders: false,
enableWafFailOpen: false,
enableXffClientPort: false,
enforceSecurityGroupInboundRulesOnPrivateLinkTraffic: "string",
idleTimeout: 0,
internal: false,
ipAddressType: "string",
loadBalancerType: "string",
name: "string",
namePrefix: "string",
preserveHostHeader: false,
securityGroups: ["string"],
subnetMappings: [{
subnetId: "string",
allocationId: "string",
ipv6Address: "string",
outpostId: "string",
privateIpv4Address: "string",
}],
subnets: ["string"],
tags: {
string: "string",
},
xffHeaderProcessingMode: "string",
});
type: aws:lb:LoadBalancer
properties:
accessLogs:
bucket: string
enabled: false
prefix: string
clientKeepAlive: 0
connectionLogs:
bucket: string
enabled: false
prefix: string
customerOwnedIpv4Pool: string
desyncMitigationMode: string
dnsRecordClientRoutingPolicy: string
dropInvalidHeaderFields: false
enableCrossZoneLoadBalancing: false
enableDeletionProtection: false
enableHttp2: false
enableTlsVersionAndCipherSuiteHeaders: false
enableWafFailOpen: false
enableXffClientPort: false
enforceSecurityGroupInboundRulesOnPrivateLinkTraffic: string
idleTimeout: 0
internal: false
ipAddressType: string
loadBalancerType: string
name: string
namePrefix: string
preserveHostHeader: false
securityGroups:
- string
subnetMappings:
- allocationId: string
ipv6Address: string
outpostId: string
privateIpv4Address: string
subnetId: string
subnets:
- string
tags:
string: string
xffHeaderProcessingMode: string
LoadBalancer Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The LoadBalancer resource accepts the following input properties:
- Access
Logs LoadBalancer Access Logs - Access Logs block. See below.
- Client
Keep intAlive - Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- Connection
Logs LoadBalancer Connection Logs - Connection Logs block. See below. Only valid for Load Balancers of type
application
. - Customer
Owned stringIpv4Pool - ID of the customer owned ipv4 pool to use for this load balancer.
- Desync
Mitigation stringMode - How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are
monitor
,defensive
(default),strictest
. - Dns
Record stringClient Routing Policy - How traffic is distributed among the load balancer Availability Zones. Possible values are
any_availability_zone
(default),availability_zone_affinity
, orpartial_availability_zone_affinity
. See Availability Zone DNS affinity for additional details. Only valid fornetwork
type load balancers. - Drop
Invalid boolHeader Fields - Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type
application
. - Enable
Cross boolZone Load Balancing - If true, cross-zone load balancing of the load balancer will be enabled. For
network
andgateway
type load balancers, this feature is disabled by default (false
). Forapplication
load balancer this feature is always enabled (true
) and cannot be disabled. Defaults tofalse
. - Enable
Deletion boolProtection - If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to
false
. - Enable
Http2 bool - Whether HTTP/2 is enabled in
application
load balancers. Defaults totrue
. - Enable
Tls boolVersion And Cipher Suite Headers - Whether the two headers (
x-amzn-tls-version
andx-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication
. Defaults tofalse
- Enable
Waf boolFail Open - Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to
false
. - Enable
Xff boolClient Port - Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in
application
load balancers. Defaults tofalse
. - Enforce
Security stringGroup Inbound Rules On Private Link Traffic - Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type
network
. The possible values areon
andoff
. - Idle
Timeout int - Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type
application
. Default: 60. - Internal bool
- If true, the LB will be internal. Defaults to
false
. - Ip
Address stringType - Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type:
ipv4
(all load balancer types),dualstack
(all load balancer types), anddualstack-without-public-ipv4
(typeapplication
only). - Load
Balancer stringType - Type of load balancer to create. Possible values are
application
,gateway
, ornetwork
. The default value isapplication
. - Name string
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with
tf-lb
. - Name
Prefix string - Creates a unique name beginning with the specified prefix. Conflicts with
name
. - Preserve
Host boolHeader - Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to
false
. - Security
Groups List<string> - List of security group IDs to assign to the LB. Only valid for Load Balancers of type
application
ornetwork
. For load balancers of typenetwork
security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource. - Subnet
Mappings List<LoadBalancer Subnet Mapping> - Subnet mapping block. See below. For Load Balancers of type
network
subnet mappings can only be added. - Subnets List<string>
- List of subnet IDs to attach to the LB. For Load Balancers of type
network
subnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetwork
will force a recreation of the resource. - Dictionary<string, string>
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Xff
Header stringProcessing Mode - Determines how the load balancer modifies the
X-Forwarded-For
header in the HTTP request before sending the request to the target. The possible values areappend
,preserve
, andremove
. Only valid for Load Balancers of typeapplication
. The default isappend
.
- Access
Logs LoadBalancer Access Logs Args - Access Logs block. See below.
- Client
Keep intAlive - Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- Connection
Logs LoadBalancer Connection Logs Args - Connection Logs block. See below. Only valid for Load Balancers of type
application
. - Customer
Owned stringIpv4Pool - ID of the customer owned ipv4 pool to use for this load balancer.
- Desync
Mitigation stringMode - How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are
monitor
,defensive
(default),strictest
. - Dns
Record stringClient Routing Policy - How traffic is distributed among the load balancer Availability Zones. Possible values are
any_availability_zone
(default),availability_zone_affinity
, orpartial_availability_zone_affinity
. See Availability Zone DNS affinity for additional details. Only valid fornetwork
type load balancers. - Drop
Invalid boolHeader Fields - Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type
application
. - Enable
Cross boolZone Load Balancing - If true, cross-zone load balancing of the load balancer will be enabled. For
network
andgateway
type load balancers, this feature is disabled by default (false
). Forapplication
load balancer this feature is always enabled (true
) and cannot be disabled. Defaults tofalse
. - Enable
Deletion boolProtection - If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to
false
. - Enable
Http2 bool - Whether HTTP/2 is enabled in
application
load balancers. Defaults totrue
. - Enable
Tls boolVersion And Cipher Suite Headers - Whether the two headers (
x-amzn-tls-version
andx-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication
. Defaults tofalse
- Enable
Waf boolFail Open - Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to
false
. - Enable
Xff boolClient Port - Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in
application
load balancers. Defaults tofalse
. - Enforce
Security stringGroup Inbound Rules On Private Link Traffic - Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type
network
. The possible values areon
andoff
. - Idle
Timeout int - Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type
application
. Default: 60. - Internal bool
- If true, the LB will be internal. Defaults to
false
. - Ip
Address stringType - Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type:
ipv4
(all load balancer types),dualstack
(all load balancer types), anddualstack-without-public-ipv4
(typeapplication
only). - Load
Balancer stringType - Type of load balancer to create. Possible values are
application
,gateway
, ornetwork
. The default value isapplication
. - Name string
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with
tf-lb
. - Name
Prefix string - Creates a unique name beginning with the specified prefix. Conflicts with
name
. - Preserve
Host boolHeader - Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to
false
. - Security
Groups []string - List of security group IDs to assign to the LB. Only valid for Load Balancers of type
application
ornetwork
. For load balancers of typenetwork
security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource. - Subnet
Mappings []LoadBalancer Subnet Mapping Args - Subnet mapping block. See below. For Load Balancers of type
network
subnet mappings can only be added. - Subnets []string
- List of subnet IDs to attach to the LB. For Load Balancers of type
network
subnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetwork
will force a recreation of the resource. - map[string]string
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Xff
Header stringProcessing Mode - Determines how the load balancer modifies the
X-Forwarded-For
header in the HTTP request before sending the request to the target. The possible values areappend
,preserve
, andremove
. Only valid for Load Balancers of typeapplication
. The default isappend
.
- access
Logs LoadBalancer Access Logs - Access Logs block. See below.
- client
Keep IntegerAlive - Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- connection
Logs LoadBalancer Connection Logs - Connection Logs block. See below. Only valid for Load Balancers of type
application
. - customer
Owned StringIpv4Pool - ID of the customer owned ipv4 pool to use for this load balancer.
- desync
Mitigation StringMode - How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are
monitor
,defensive
(default),strictest
. - dns
Record StringClient Routing Policy - How traffic is distributed among the load balancer Availability Zones. Possible values are
any_availability_zone
(default),availability_zone_affinity
, orpartial_availability_zone_affinity
. See Availability Zone DNS affinity for additional details. Only valid fornetwork
type load balancers. - drop
Invalid BooleanHeader Fields - Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type
application
. - enable
Cross BooleanZone Load Balancing - If true, cross-zone load balancing of the load balancer will be enabled. For
network
andgateway
type load balancers, this feature is disabled by default (false
). Forapplication
load balancer this feature is always enabled (true
) and cannot be disabled. Defaults tofalse
. - enable
Deletion BooleanProtection - If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to
false
. - enable
Http2 Boolean - Whether HTTP/2 is enabled in
application
load balancers. Defaults totrue
. - enable
Tls BooleanVersion And Cipher Suite Headers - Whether the two headers (
x-amzn-tls-version
andx-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication
. Defaults tofalse
- enable
Waf BooleanFail Open - Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to
false
. - enable
Xff BooleanClient Port - Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in
application
load balancers. Defaults tofalse
. - enforce
Security StringGroup Inbound Rules On Private Link Traffic - Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type
network
. The possible values areon
andoff
. - idle
Timeout Integer - Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type
application
. Default: 60. - internal Boolean
- If true, the LB will be internal. Defaults to
false
. - ip
Address StringType - Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type:
ipv4
(all load balancer types),dualstack
(all load balancer types), anddualstack-without-public-ipv4
(typeapplication
only). - load
Balancer StringType - Type of load balancer to create. Possible values are
application
,gateway
, ornetwork
. The default value isapplication
. - name String
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with
tf-lb
. - name
Prefix String - Creates a unique name beginning with the specified prefix. Conflicts with
name
. - preserve
Host BooleanHeader - Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to
false
. - security
Groups List<String> - List of security group IDs to assign to the LB. Only valid for Load Balancers of type
application
ornetwork
. For load balancers of typenetwork
security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource. - subnet
Mappings List<LoadBalancer Subnet Mapping> - Subnet mapping block. See below. For Load Balancers of type
network
subnet mappings can only be added. - subnets List<String>
- List of subnet IDs to attach to the LB. For Load Balancers of type
network
subnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetwork
will force a recreation of the resource. - Map<String,String>
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - xff
Header StringProcessing Mode - Determines how the load balancer modifies the
X-Forwarded-For
header in the HTTP request before sending the request to the target. The possible values areappend
,preserve
, andremove
. Only valid for Load Balancers of typeapplication
. The default isappend
.
- access
Logs LoadBalancer Access Logs - Access Logs block. See below.
- client
Keep numberAlive - Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- connection
Logs LoadBalancer Connection Logs - Connection Logs block. See below. Only valid for Load Balancers of type
application
. - customer
Owned stringIpv4Pool - ID of the customer owned ipv4 pool to use for this load balancer.
- desync
Mitigation stringMode - How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are
monitor
,defensive
(default),strictest
. - dns
Record stringClient Routing Policy - How traffic is distributed among the load balancer Availability Zones. Possible values are
any_availability_zone
(default),availability_zone_affinity
, orpartial_availability_zone_affinity
. See Availability Zone DNS affinity for additional details. Only valid fornetwork
type load balancers. - drop
Invalid booleanHeader Fields - Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type
application
. - enable
Cross booleanZone Load Balancing - If true, cross-zone load balancing of the load balancer will be enabled. For
network
andgateway
type load balancers, this feature is disabled by default (false
). Forapplication
load balancer this feature is always enabled (true
) and cannot be disabled. Defaults tofalse
. - enable
Deletion booleanProtection - If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to
false
. - enable
Http2 boolean - Whether HTTP/2 is enabled in
application
load balancers. Defaults totrue
. - enable
Tls booleanVersion And Cipher Suite Headers - Whether the two headers (
x-amzn-tls-version
andx-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication
. Defaults tofalse
- enable
Waf booleanFail Open - Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to
false
. - enable
Xff booleanClient Port - Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in
application
load balancers. Defaults tofalse
. - enforce
Security stringGroup Inbound Rules On Private Link Traffic - Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type
network
. The possible values areon
andoff
. - idle
Timeout number - Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type
application
. Default: 60. - internal boolean
- If true, the LB will be internal. Defaults to
false
. - ip
Address stringType - Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type:
ipv4
(all load balancer types),dualstack
(all load balancer types), anddualstack-without-public-ipv4
(typeapplication
only). - load
Balancer stringType - Type of load balancer to create. Possible values are
application
,gateway
, ornetwork
. The default value isapplication
. - name string
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with
tf-lb
. - name
Prefix string - Creates a unique name beginning with the specified prefix. Conflicts with
name
. - preserve
Host booleanHeader - Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to
false
. - security
Groups string[] - List of security group IDs to assign to the LB. Only valid for Load Balancers of type
application
ornetwork
. For load balancers of typenetwork
security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource. - subnet
Mappings LoadBalancer Subnet Mapping[] - Subnet mapping block. See below. For Load Balancers of type
network
subnet mappings can only be added. - subnets string[]
- List of subnet IDs to attach to the LB. For Load Balancers of type
network
subnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetwork
will force a recreation of the resource. - {[key: string]: string}
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - xff
Header stringProcessing Mode - Determines how the load balancer modifies the
X-Forwarded-For
header in the HTTP request before sending the request to the target. The possible values areappend
,preserve
, andremove
. Only valid for Load Balancers of typeapplication
. The default isappend
.
- access_
logs LoadBalancer Access Logs Args - Access Logs block. See below.
- client_
keep_ intalive - Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- connection_
logs LoadBalancer Connection Logs Args - Connection Logs block. See below. Only valid for Load Balancers of type
application
. - customer_
owned_ stripv4_ pool - ID of the customer owned ipv4 pool to use for this load balancer.
- desync_
mitigation_ strmode - How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are
monitor
,defensive
(default),strictest
. - dns_
record_ strclient_ routing_ policy - How traffic is distributed among the load balancer Availability Zones. Possible values are
any_availability_zone
(default),availability_zone_affinity
, orpartial_availability_zone_affinity
. See Availability Zone DNS affinity for additional details. Only valid fornetwork
type load balancers. - drop_
invalid_ boolheader_ fields - Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type
application
. - enable_
cross_ boolzone_ load_ balancing - If true, cross-zone load balancing of the load balancer will be enabled. For
network
andgateway
type load balancers, this feature is disabled by default (false
). Forapplication
load balancer this feature is always enabled (true
) and cannot be disabled. Defaults tofalse
. - enable_
deletion_ boolprotection - If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to
false
. - enable_
http2 bool - Whether HTTP/2 is enabled in
application
load balancers. Defaults totrue
. - enable_
tls_ boolversion_ and_ cipher_ suite_ headers - Whether the two headers (
x-amzn-tls-version
andx-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication
. Defaults tofalse
- enable_
waf_ boolfail_ open - Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to
false
. - enable_
xff_ boolclient_ port - Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in
application
load balancers. Defaults tofalse
. - enforce_
security_ strgroup_ inbound_ rules_ on_ private_ link_ traffic - Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type
network
. The possible values areon
andoff
. - idle_
timeout int - Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type
application
. Default: 60. - internal bool
- If true, the LB will be internal. Defaults to
false
. - ip_
address_ strtype - Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type:
ipv4
(all load balancer types),dualstack
(all load balancer types), anddualstack-without-public-ipv4
(typeapplication
only). - load_
balancer_ strtype - Type of load balancer to create. Possible values are
application
,gateway
, ornetwork
. The default value isapplication
. - name str
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with
tf-lb
. - name_
prefix str - Creates a unique name beginning with the specified prefix. Conflicts with
name
. - preserve_
host_ boolheader - Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to
false
. - security_
groups Sequence[str] - List of security group IDs to assign to the LB. Only valid for Load Balancers of type
application
ornetwork
. For load balancers of typenetwork
security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource. - subnet_
mappings Sequence[LoadBalancer Subnet Mapping Args] - Subnet mapping block. See below. For Load Balancers of type
network
subnet mappings can only be added. - subnets Sequence[str]
- List of subnet IDs to attach to the LB. For Load Balancers of type
network
subnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetwork
will force a recreation of the resource. - Mapping[str, str]
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - xff_
header_ strprocessing_ mode - Determines how the load balancer modifies the
X-Forwarded-For
header in the HTTP request before sending the request to the target. The possible values areappend
,preserve
, andremove
. Only valid for Load Balancers of typeapplication
. The default isappend
.
- access
Logs Property Map - Access Logs block. See below.
- client
Keep NumberAlive - Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- connection
Logs Property Map - Connection Logs block. See below. Only valid for Load Balancers of type
application
. - customer
Owned StringIpv4Pool - ID of the customer owned ipv4 pool to use for this load balancer.
- desync
Mitigation StringMode - How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are
monitor
,defensive
(default),strictest
. - dns
Record StringClient Routing Policy - How traffic is distributed among the load balancer Availability Zones. Possible values are
any_availability_zone
(default),availability_zone_affinity
, orpartial_availability_zone_affinity
. See Availability Zone DNS affinity for additional details. Only valid fornetwork
type load balancers. - drop
Invalid BooleanHeader Fields - Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type
application
. - enable
Cross BooleanZone Load Balancing - If true, cross-zone load balancing of the load balancer will be enabled. For
network
andgateway
type load balancers, this feature is disabled by default (false
). Forapplication
load balancer this feature is always enabled (true
) and cannot be disabled. Defaults tofalse
. - enable
Deletion BooleanProtection - If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to
false
. - enable
Http2 Boolean - Whether HTTP/2 is enabled in
application
load balancers. Defaults totrue
. - enable
Tls BooleanVersion And Cipher Suite Headers - Whether the two headers (
x-amzn-tls-version
andx-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication
. Defaults tofalse
- enable
Waf BooleanFail Open - Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to
false
. - enable
Xff BooleanClient Port - Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in
application
load balancers. Defaults tofalse
. - enforce
Security StringGroup Inbound Rules On Private Link Traffic - Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type
network
. The possible values areon
andoff
. - idle
Timeout Number - Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type
application
. Default: 60. - internal Boolean
- If true, the LB will be internal. Defaults to
false
. - ip
Address StringType - Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type:
ipv4
(all load balancer types),dualstack
(all load balancer types), anddualstack-without-public-ipv4
(typeapplication
only). - load
Balancer StringType - Type of load balancer to create. Possible values are
application
,gateway
, ornetwork
. The default value isapplication
. - name String
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with
tf-lb
. - name
Prefix String - Creates a unique name beginning with the specified prefix. Conflicts with
name
. - preserve
Host BooleanHeader - Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to
false
. - security
Groups List<String> - List of security group IDs to assign to the LB. Only valid for Load Balancers of type
application
ornetwork
. For load balancers of typenetwork
security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource. - subnet
Mappings List<Property Map> - Subnet mapping block. See below. For Load Balancers of type
network
subnet mappings can only be added. - subnets List<String>
- List of subnet IDs to attach to the LB. For Load Balancers of type
network
subnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetwork
will force a recreation of the resource. - Map<String>
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - xff
Header StringProcessing Mode - Determines how the load balancer modifies the
X-Forwarded-For
header in the HTTP request before sending the request to the target. The possible values areappend
,preserve
, andremove
. Only valid for Load Balancers of typeapplication
. The default isappend
.
Outputs
All input properties are implicitly available as output properties. Additionally, the LoadBalancer resource produces the following output properties:
- Arn string
- ARN of the load balancer (matches
id
). - Arn
Suffix string - ARN suffix for use with CloudWatch Metrics.
- Dns
Name string - DNS name of the load balancer.
- Id string
- The provider-assigned unique ID for this managed resource.
- Dictionary<string, string>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Vpc
Id string - Zone
Id string - Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
- Arn string
- ARN of the load balancer (matches
id
). - Arn
Suffix string - ARN suffix for use with CloudWatch Metrics.
- Dns
Name string - DNS name of the load balancer.
- Id string
- The provider-assigned unique ID for this managed resource.
- map[string]string
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Vpc
Id string - Zone
Id string - Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
- arn String
- ARN of the load balancer (matches
id
). - arn
Suffix String - ARN suffix for use with CloudWatch Metrics.
- dns
Name String - DNS name of the load balancer.
- id String
- The provider-assigned unique ID for this managed resource.
- Map<String,String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - vpc
Id String - zone
Id String - Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
- arn string
- ARN of the load balancer (matches
id
). - arn
Suffix string - ARN suffix for use with CloudWatch Metrics.
- dns
Name string - DNS name of the load balancer.
- id string
- The provider-assigned unique ID for this managed resource.
- {[key: string]: string}
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - vpc
Id string - zone
Id string - Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
- arn str
- ARN of the load balancer (matches
id
). - arn_
suffix str - ARN suffix for use with CloudWatch Metrics.
- dns_
name str - DNS name of the load balancer.
- id str
- The provider-assigned unique ID for this managed resource.
- Mapping[str, str]
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - vpc_
id str - zone_
id str - Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
- arn String
- ARN of the load balancer (matches
id
). - arn
Suffix String - ARN suffix for use with CloudWatch Metrics.
- dns
Name String - DNS name of the load balancer.
- id String
- The provider-assigned unique ID for this managed resource.
- Map<String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - vpc
Id String - zone
Id String - Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
Look up Existing LoadBalancer Resource
Get an existing LoadBalancer resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: LoadBalancerState, opts?: CustomResourceOptions): LoadBalancer
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
access_logs: Optional[LoadBalancerAccessLogsArgs] = None,
arn: Optional[str] = None,
arn_suffix: Optional[str] = None,
client_keep_alive: Optional[int] = None,
connection_logs: Optional[LoadBalancerConnectionLogsArgs] = None,
customer_owned_ipv4_pool: Optional[str] = None,
desync_mitigation_mode: Optional[str] = None,
dns_name: Optional[str] = None,
dns_record_client_routing_policy: Optional[str] = None,
drop_invalid_header_fields: Optional[bool] = None,
enable_cross_zone_load_balancing: Optional[bool] = None,
enable_deletion_protection: Optional[bool] = None,
enable_http2: Optional[bool] = None,
enable_tls_version_and_cipher_suite_headers: Optional[bool] = None,
enable_waf_fail_open: Optional[bool] = None,
enable_xff_client_port: Optional[bool] = None,
enforce_security_group_inbound_rules_on_private_link_traffic: Optional[str] = None,
idle_timeout: Optional[int] = None,
internal: Optional[bool] = None,
ip_address_type: Optional[str] = None,
load_balancer_type: Optional[str] = None,
name: Optional[str] = None,
name_prefix: Optional[str] = None,
preserve_host_header: Optional[bool] = None,
security_groups: Optional[Sequence[str]] = None,
subnet_mappings: Optional[Sequence[LoadBalancerSubnetMappingArgs]] = None,
subnets: Optional[Sequence[str]] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
vpc_id: Optional[str] = None,
xff_header_processing_mode: Optional[str] = None,
zone_id: Optional[str] = None) -> LoadBalancer
func GetLoadBalancer(ctx *Context, name string, id IDInput, state *LoadBalancerState, opts ...ResourceOption) (*LoadBalancer, error)
public static LoadBalancer Get(string name, Input<string> id, LoadBalancerState? state, CustomResourceOptions? opts = null)
public static LoadBalancer get(String name, Output<String> id, LoadBalancerState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Access
Logs LoadBalancer Access Logs - Access Logs block. See below.
- Arn string
- ARN of the load balancer (matches
id
). - Arn
Suffix string - ARN suffix for use with CloudWatch Metrics.
- Client
Keep intAlive - Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- Connection
Logs LoadBalancer Connection Logs - Connection Logs block. See below. Only valid for Load Balancers of type
application
. - Customer
Owned stringIpv4Pool - ID of the customer owned ipv4 pool to use for this load balancer.
- Desync
Mitigation stringMode - How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are
monitor
,defensive
(default),strictest
. - Dns
Name string - DNS name of the load balancer.
- Dns
Record stringClient Routing Policy - How traffic is distributed among the load balancer Availability Zones. Possible values are
any_availability_zone
(default),availability_zone_affinity
, orpartial_availability_zone_affinity
. See Availability Zone DNS affinity for additional details. Only valid fornetwork
type load balancers. - Drop
Invalid boolHeader Fields - Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type
application
. - Enable
Cross boolZone Load Balancing - If true, cross-zone load balancing of the load balancer will be enabled. For
network
andgateway
type load balancers, this feature is disabled by default (false
). Forapplication
load balancer this feature is always enabled (true
) and cannot be disabled. Defaults tofalse
. - Enable
Deletion boolProtection - If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to
false
. - Enable
Http2 bool - Whether HTTP/2 is enabled in
application
load balancers. Defaults totrue
. - Enable
Tls boolVersion And Cipher Suite Headers - Whether the two headers (
x-amzn-tls-version
andx-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication
. Defaults tofalse
- Enable
Waf boolFail Open - Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to
false
. - Enable
Xff boolClient Port - Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in
application
load balancers. Defaults tofalse
. - Enforce
Security stringGroup Inbound Rules On Private Link Traffic - Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type
network
. The possible values areon
andoff
. - Idle
Timeout int - Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type
application
. Default: 60. - Internal bool
- If true, the LB will be internal. Defaults to
false
. - Ip
Address stringType - Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type:
ipv4
(all load balancer types),dualstack
(all load balancer types), anddualstack-without-public-ipv4
(typeapplication
only). - Load
Balancer stringType - Type of load balancer to create. Possible values are
application
,gateway
, ornetwork
. The default value isapplication
. - Name string
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with
tf-lb
. - Name
Prefix string - Creates a unique name beginning with the specified prefix. Conflicts with
name
. - Preserve
Host boolHeader - Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to
false
. - Security
Groups List<string> - List of security group IDs to assign to the LB. Only valid for Load Balancers of type
application
ornetwork
. For load balancers of typenetwork
security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource. - Subnet
Mappings List<LoadBalancer Subnet Mapping> - Subnet mapping block. See below. For Load Balancers of type
network
subnet mappings can only be added. - Subnets List<string>
- List of subnet IDs to attach to the LB. For Load Balancers of type
network
subnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetwork
will force a recreation of the resource. - Dictionary<string, string>
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Dictionary<string, string>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Vpc
Id string - Xff
Header stringProcessing Mode - Determines how the load balancer modifies the
X-Forwarded-For
header in the HTTP request before sending the request to the target. The possible values areappend
,preserve
, andremove
. Only valid for Load Balancers of typeapplication
. The default isappend
. - Zone
Id string - Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
- Access
Logs LoadBalancer Access Logs Args - Access Logs block. See below.
- Arn string
- ARN of the load balancer (matches
id
). - Arn
Suffix string - ARN suffix for use with CloudWatch Metrics.
- Client
Keep intAlive - Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- Connection
Logs LoadBalancer Connection Logs Args - Connection Logs block. See below. Only valid for Load Balancers of type
application
. - Customer
Owned stringIpv4Pool - ID of the customer owned ipv4 pool to use for this load balancer.
- Desync
Mitigation stringMode - How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are
monitor
,defensive
(default),strictest
. - Dns
Name string - DNS name of the load balancer.
- Dns
Record stringClient Routing Policy - How traffic is distributed among the load balancer Availability Zones. Possible values are
any_availability_zone
(default),availability_zone_affinity
, orpartial_availability_zone_affinity
. See Availability Zone DNS affinity for additional details. Only valid fornetwork
type load balancers. - Drop
Invalid boolHeader Fields - Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type
application
. - Enable
Cross boolZone Load Balancing - If true, cross-zone load balancing of the load balancer will be enabled. For
network
andgateway
type load balancers, this feature is disabled by default (false
). Forapplication
load balancer this feature is always enabled (true
) and cannot be disabled. Defaults tofalse
. - Enable
Deletion boolProtection - If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to
false
. - Enable
Http2 bool - Whether HTTP/2 is enabled in
application
load balancers. Defaults totrue
. - Enable
Tls boolVersion And Cipher Suite Headers - Whether the two headers (
x-amzn-tls-version
andx-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication
. Defaults tofalse
- Enable
Waf boolFail Open - Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to
false
. - Enable
Xff boolClient Port - Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in
application
load balancers. Defaults tofalse
. - Enforce
Security stringGroup Inbound Rules On Private Link Traffic - Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type
network
. The possible values areon
andoff
. - Idle
Timeout int - Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type
application
. Default: 60. - Internal bool
- If true, the LB will be internal. Defaults to
false
. - Ip
Address stringType - Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type:
ipv4
(all load balancer types),dualstack
(all load balancer types), anddualstack-without-public-ipv4
(typeapplication
only). - Load
Balancer stringType - Type of load balancer to create. Possible values are
application
,gateway
, ornetwork
. The default value isapplication
. - Name string
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with
tf-lb
. - Name
Prefix string - Creates a unique name beginning with the specified prefix. Conflicts with
name
. - Preserve
Host boolHeader - Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to
false
. - Security
Groups []string - List of security group IDs to assign to the LB. Only valid for Load Balancers of type
application
ornetwork
. For load balancers of typenetwork
security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource. - Subnet
Mappings []LoadBalancer Subnet Mapping Args - Subnet mapping block. See below. For Load Balancers of type
network
subnet mappings can only be added. - Subnets []string
- List of subnet IDs to attach to the LB. For Load Balancers of type
network
subnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetwork
will force a recreation of the resource. - map[string]string
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - map[string]string
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Vpc
Id string - Xff
Header stringProcessing Mode - Determines how the load balancer modifies the
X-Forwarded-For
header in the HTTP request before sending the request to the target. The possible values areappend
,preserve
, andremove
. Only valid for Load Balancers of typeapplication
. The default isappend
. - Zone
Id string - Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
- access
Logs LoadBalancer Access Logs - Access Logs block. See below.
- arn String
- ARN of the load balancer (matches
id
). - arn
Suffix String - ARN suffix for use with CloudWatch Metrics.
- client
Keep IntegerAlive - Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- connection
Logs LoadBalancer Connection Logs - Connection Logs block. See below. Only valid for Load Balancers of type
application
. - customer
Owned StringIpv4Pool - ID of the customer owned ipv4 pool to use for this load balancer.
- desync
Mitigation StringMode - How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are
monitor
,defensive
(default),strictest
. - dns
Name String - DNS name of the load balancer.
- dns
Record StringClient Routing Policy - How traffic is distributed among the load balancer Availability Zones. Possible values are
any_availability_zone
(default),availability_zone_affinity
, orpartial_availability_zone_affinity
. See Availability Zone DNS affinity for additional details. Only valid fornetwork
type load balancers. - drop
Invalid BooleanHeader Fields - Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type
application
. - enable
Cross BooleanZone Load Balancing - If true, cross-zone load balancing of the load balancer will be enabled. For
network
andgateway
type load balancers, this feature is disabled by default (false
). Forapplication
load balancer this feature is always enabled (true
) and cannot be disabled. Defaults tofalse
. - enable
Deletion BooleanProtection - If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to
false
. - enable
Http2 Boolean - Whether HTTP/2 is enabled in
application
load balancers. Defaults totrue
. - enable
Tls BooleanVersion And Cipher Suite Headers - Whether the two headers (
x-amzn-tls-version
andx-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication
. Defaults tofalse
- enable
Waf BooleanFail Open - Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to
false
. - enable
Xff BooleanClient Port - Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in
application
load balancers. Defaults tofalse
. - enforce
Security StringGroup Inbound Rules On Private Link Traffic - Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type
network
. The possible values areon
andoff
. - idle
Timeout Integer - Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type
application
. Default: 60. - internal Boolean
- If true, the LB will be internal. Defaults to
false
. - ip
Address StringType - Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type:
ipv4
(all load balancer types),dualstack
(all load balancer types), anddualstack-without-public-ipv4
(typeapplication
only). - load
Balancer StringType - Type of load balancer to create. Possible values are
application
,gateway
, ornetwork
. The default value isapplication
. - name String
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with
tf-lb
. - name
Prefix String - Creates a unique name beginning with the specified prefix. Conflicts with
name
. - preserve
Host BooleanHeader - Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to
false
. - security
Groups List<String> - List of security group IDs to assign to the LB. Only valid for Load Balancers of type
application
ornetwork
. For load balancers of typenetwork
security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource. - subnet
Mappings List<LoadBalancer Subnet Mapping> - Subnet mapping block. See below. For Load Balancers of type
network
subnet mappings can only be added. - subnets List<String>
- List of subnet IDs to attach to the LB. For Load Balancers of type
network
subnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetwork
will force a recreation of the resource. - Map<String,String>
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String,String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - vpc
Id String - xff
Header StringProcessing Mode - Determines how the load balancer modifies the
X-Forwarded-For
header in the HTTP request before sending the request to the target. The possible values areappend
,preserve
, andremove
. Only valid for Load Balancers of typeapplication
. The default isappend
. - zone
Id String - Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
- access
Logs LoadBalancer Access Logs - Access Logs block. See below.
- arn string
- ARN of the load balancer (matches
id
). - arn
Suffix string - ARN suffix for use with CloudWatch Metrics.
- client
Keep numberAlive - Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- connection
Logs LoadBalancer Connection Logs - Connection Logs block. See below. Only valid for Load Balancers of type
application
. - customer
Owned stringIpv4Pool - ID of the customer owned ipv4 pool to use for this load balancer.
- desync
Mitigation stringMode - How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are
monitor
,defensive
(default),strictest
. - dns
Name string - DNS name of the load balancer.
- dns
Record stringClient Routing Policy - How traffic is distributed among the load balancer Availability Zones. Possible values are
any_availability_zone
(default),availability_zone_affinity
, orpartial_availability_zone_affinity
. See Availability Zone DNS affinity for additional details. Only valid fornetwork
type load balancers. - drop
Invalid booleanHeader Fields - Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type
application
. - enable
Cross booleanZone Load Balancing - If true, cross-zone load balancing of the load balancer will be enabled. For
network
andgateway
type load balancers, this feature is disabled by default (false
). Forapplication
load balancer this feature is always enabled (true
) and cannot be disabled. Defaults tofalse
. - enable
Deletion booleanProtection - If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to
false
. - enable
Http2 boolean - Whether HTTP/2 is enabled in
application
load balancers. Defaults totrue
. - enable
Tls booleanVersion And Cipher Suite Headers - Whether the two headers (
x-amzn-tls-version
andx-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication
. Defaults tofalse
- enable
Waf booleanFail Open - Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to
false
. - enable
Xff booleanClient Port - Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in
application
load balancers. Defaults tofalse
. - enforce
Security stringGroup Inbound Rules On Private Link Traffic - Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type
network
. The possible values areon
andoff
. - idle
Timeout number - Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type
application
. Default: 60. - internal boolean
- If true, the LB will be internal. Defaults to
false
. - ip
Address stringType - Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type:
ipv4
(all load balancer types),dualstack
(all load balancer types), anddualstack-without-public-ipv4
(typeapplication
only). - load
Balancer stringType - Type of load balancer to create. Possible values are
application
,gateway
, ornetwork
. The default value isapplication
. - name string
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with
tf-lb
. - name
Prefix string - Creates a unique name beginning with the specified prefix. Conflicts with
name
. - preserve
Host booleanHeader - Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to
false
. - security
Groups string[] - List of security group IDs to assign to the LB. Only valid for Load Balancers of type
application
ornetwork
. For load balancers of typenetwork
security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource. - subnet
Mappings LoadBalancer Subnet Mapping[] - Subnet mapping block. See below. For Load Balancers of type
network
subnet mappings can only be added. - subnets string[]
- List of subnet IDs to attach to the LB. For Load Balancers of type
network
subnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetwork
will force a recreation of the resource. - {[key: string]: string}
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - {[key: string]: string}
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - vpc
Id string - xff
Header stringProcessing Mode - Determines how the load balancer modifies the
X-Forwarded-For
header in the HTTP request before sending the request to the target. The possible values areappend
,preserve
, andremove
. Only valid for Load Balancers of typeapplication
. The default isappend
. - zone
Id string - Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
- access_
logs LoadBalancer Access Logs Args - Access Logs block. See below.
- arn str
- ARN of the load balancer (matches
id
). - arn_
suffix str - ARN suffix for use with CloudWatch Metrics.
- client_
keep_ intalive - Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- connection_
logs LoadBalancer Connection Logs Args - Connection Logs block. See below. Only valid for Load Balancers of type
application
. - customer_
owned_ stripv4_ pool - ID of the customer owned ipv4 pool to use for this load balancer.
- desync_
mitigation_ strmode - How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are
monitor
,defensive
(default),strictest
. - dns_
name str - DNS name of the load balancer.
- dns_
record_ strclient_ routing_ policy - How traffic is distributed among the load balancer Availability Zones. Possible values are
any_availability_zone
(default),availability_zone_affinity
, orpartial_availability_zone_affinity
. See Availability Zone DNS affinity for additional details. Only valid fornetwork
type load balancers. - drop_
invalid_ boolheader_ fields - Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type
application
. - enable_
cross_ boolzone_ load_ balancing - If true, cross-zone load balancing of the load balancer will be enabled. For
network
andgateway
type load balancers, this feature is disabled by default (false
). Forapplication
load balancer this feature is always enabled (true
) and cannot be disabled. Defaults tofalse
. - enable_
deletion_ boolprotection - If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to
false
. - enable_
http2 bool - Whether HTTP/2 is enabled in
application
load balancers. Defaults totrue
. - enable_
tls_ boolversion_ and_ cipher_ suite_ headers - Whether the two headers (
x-amzn-tls-version
andx-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication
. Defaults tofalse
- enable_
waf_ boolfail_ open - Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to
false
. - enable_
xff_ boolclient_ port - Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in
application
load balancers. Defaults tofalse
. - enforce_
security_ strgroup_ inbound_ rules_ on_ private_ link_ traffic - Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type
network
. The possible values areon
andoff
. - idle_
timeout int - Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type
application
. Default: 60. - internal bool
- If true, the LB will be internal. Defaults to
false
. - ip_
address_ strtype - Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type:
ipv4
(all load balancer types),dualstack
(all load balancer types), anddualstack-without-public-ipv4
(typeapplication
only). - load_
balancer_ strtype - Type of load balancer to create. Possible values are
application
,gateway
, ornetwork
. The default value isapplication
. - name str
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with
tf-lb
. - name_
prefix str - Creates a unique name beginning with the specified prefix. Conflicts with
name
. - preserve_
host_ boolheader - Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to
false
. - security_
groups Sequence[str] - List of security group IDs to assign to the LB. Only valid for Load Balancers of type
application
ornetwork
. For load balancers of typenetwork
security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource. - subnet_
mappings Sequence[LoadBalancer Subnet Mapping Args] - Subnet mapping block. See below. For Load Balancers of type
network
subnet mappings can only be added. - subnets Sequence[str]
- List of subnet IDs to attach to the LB. For Load Balancers of type
network
subnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetwork
will force a recreation of the resource. - Mapping[str, str]
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Mapping[str, str]
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - vpc_
id str - xff_
header_ strprocessing_ mode - Determines how the load balancer modifies the
X-Forwarded-For
header in the HTTP request before sending the request to the target. The possible values areappend
,preserve
, andremove
. Only valid for Load Balancers of typeapplication
. The default isappend
. - zone_
id str - Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
- access
Logs Property Map - Access Logs block. See below.
- arn String
- ARN of the load balancer (matches
id
). - arn
Suffix String - ARN suffix for use with CloudWatch Metrics.
- client
Keep NumberAlive - Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
- connection
Logs Property Map - Connection Logs block. See below. Only valid for Load Balancers of type
application
. - customer
Owned StringIpv4Pool - ID of the customer owned ipv4 pool to use for this load balancer.
- desync
Mitigation StringMode - How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are
monitor
,defensive
(default),strictest
. - dns
Name String - DNS name of the load balancer.
- dns
Record StringClient Routing Policy - How traffic is distributed among the load balancer Availability Zones. Possible values are
any_availability_zone
(default),availability_zone_affinity
, orpartial_availability_zone_affinity
. See Availability Zone DNS affinity for additional details. Only valid fornetwork
type load balancers. - drop
Invalid BooleanHeader Fields - Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type
application
. - enable
Cross BooleanZone Load Balancing - If true, cross-zone load balancing of the load balancer will be enabled. For
network
andgateway
type load balancers, this feature is disabled by default (false
). Forapplication
load balancer this feature is always enabled (true
) and cannot be disabled. Defaults tofalse
. - enable
Deletion BooleanProtection - If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to
false
. - enable
Http2 Boolean - Whether HTTP/2 is enabled in
application
load balancers. Defaults totrue
. - enable
Tls BooleanVersion And Cipher Suite Headers - Whether the two headers (
x-amzn-tls-version
andx-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of typeapplication
. Defaults tofalse
- enable
Waf BooleanFail Open - Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to
false
. - enable
Xff BooleanClient Port - Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in
application
load balancers. Defaults tofalse
. - enforce
Security StringGroup Inbound Rules On Private Link Traffic - Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type
network
. The possible values areon
andoff
. - idle
Timeout Number - Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type
application
. Default: 60. - internal Boolean
- If true, the LB will be internal. Defaults to
false
. - ip
Address StringType - Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type:
ipv4
(all load balancer types),dualstack
(all load balancer types), anddualstack-without-public-ipv4
(typeapplication
only). - load
Balancer StringType - Type of load balancer to create. Possible values are
application
,gateway
, ornetwork
. The default value isapplication
. - name String
- Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with
tf-lb
. - name
Prefix String - Creates a unique name beginning with the specified prefix. Conflicts with
name
. - preserve
Host BooleanHeader - Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to
false
. - security
Groups List<String> - List of security group IDs to assign to the LB. Only valid for Load Balancers of type
application
ornetwork
. For load balancers of typenetwork
security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource. - subnet
Mappings List<Property Map> - Subnet mapping block. See below. For Load Balancers of type
network
subnet mappings can only be added. - subnets List<String>
- List of subnet IDs to attach to the LB. For Load Balancers of type
network
subnets can only be added (see Availability Zones), deleting a subnet for load balancers of typenetwork
will force a recreation of the resource. - Map<String>
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - vpc
Id String - xff
Header StringProcessing Mode - Determines how the load balancer modifies the
X-Forwarded-For
header in the HTTP request before sending the request to the target. The possible values areappend
,preserve
, andremove
. Only valid for Load Balancers of typeapplication
. The default isappend
. - zone
Id String - Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
Supporting Types
LoadBalancerAccessLogs, LoadBalancerAccessLogsArgs
LoadBalancerConnectionLogs, LoadBalancerConnectionLogsArgs
LoadBalancerSubnetMapping, LoadBalancerSubnetMappingArgs
- Subnet
Id string - ID of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.
- Allocation
Id string - Allocation ID of the Elastic IP address for an internet-facing load balancer.
- Ipv6Address string
- IPv6 address. You associate IPv6 CIDR blocks with your VPC and choose the subnets where you launch both internet-facing and internal Application Load Balancers or Network Load Balancers.
- Outpost
Id string - Private
Ipv4Address string - Private IPv4 address for an internal load balancer.
- Subnet
Id string - ID of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.
- Allocation
Id string - Allocation ID of the Elastic IP address for an internet-facing load balancer.
- Ipv6Address string
- IPv6 address. You associate IPv6 CIDR blocks with your VPC and choose the subnets where you launch both internet-facing and internal Application Load Balancers or Network Load Balancers.
- Outpost
Id string - Private
Ipv4Address string - Private IPv4 address for an internal load balancer.
- subnet
Id String - ID of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.
- allocation
Id String - Allocation ID of the Elastic IP address for an internet-facing load balancer.
- ipv6Address String
- IPv6 address. You associate IPv6 CIDR blocks with your VPC and choose the subnets where you launch both internet-facing and internal Application Load Balancers or Network Load Balancers.
- outpost
Id String - private
Ipv4Address String - Private IPv4 address for an internal load balancer.
- subnet
Id string - ID of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.
- allocation
Id string - Allocation ID of the Elastic IP address for an internet-facing load balancer.
- ipv6Address string
- IPv6 address. You associate IPv6 CIDR blocks with your VPC and choose the subnets where you launch both internet-facing and internal Application Load Balancers or Network Load Balancers.
- outpost
Id string - private
Ipv4Address string - Private IPv4 address for an internal load balancer.
- subnet_
id str - ID of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.
- allocation_
id str - Allocation ID of the Elastic IP address for an internet-facing load balancer.
- ipv6_
address str - IPv6 address. You associate IPv6 CIDR blocks with your VPC and choose the subnets where you launch both internet-facing and internal Application Load Balancers or Network Load Balancers.
- outpost_
id str - private_
ipv4_ straddress - Private IPv4 address for an internal load balancer.
- subnet
Id String - ID of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone.
- allocation
Id String - Allocation ID of the Elastic IP address for an internet-facing load balancer.
- ipv6Address String
- IPv6 address. You associate IPv6 CIDR blocks with your VPC and choose the subnets where you launch both internet-facing and internal Application Load Balancers or Network Load Balancers.
- outpost
Id String - private
Ipv4Address String - Private IPv4 address for an internal load balancer.
Import
Using pulumi import
, import LBs using their ARN. For example:
$ pulumi import aws:lb/loadBalancer:LoadBalancer bar arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aws
Terraform Provider.