Listener
data class ListenerRuleArgs(val actions: Output<List<ListenerRuleActionArgs>>? = null, val conditions: Output<List<ListenerRuleConditionArgs>>? = null, val listenerArn: Output<String>? = null, val priority: Output<Int>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<ListenerRuleArgs>
Provides a Load Balancer Listener Rule resource.
Note:
aws.alb.ListenerRuleis known asaws.lb.ListenerRule. The functionality is identical.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const frontEnd = new aws.lb.LoadBalancer("front_end", {});
const frontEndListener = new aws.lb.Listener("front_end", {});
const static = new aws.lb.ListenerRule("static", {
listenerArn: frontEndListener.arn,
priority: 100,
actions: [{
type: "forward",
targetGroupArn: staticAwsLbTargetGroup.arn,
}],
conditions: [
{
pathPattern: {
values: ["/static/*"],
},
},
{
hostHeader: {
values: ["example.com"],
},
},
],
});
// Forward action
const hostBasedWeightedRouting = new aws.lb.ListenerRule("host_based_weighted_routing", {
listenerArn: frontEndListener.arn,
priority: 99,
actions: [{
type: "forward",
targetGroupArn: staticAwsLbTargetGroup.arn,
}],
conditions: [{
hostHeader: {
values: ["my-service.*.mycompany.io"],
},
}],
});
// Weighted Forward action
const hostBasedRouting = new aws.lb.ListenerRule("host_based_routing", {
listenerArn: frontEndListener.arn,
priority: 99,
actions: [{
type: "forward",
forward: {
targetGroups: [
{
arn: main.arn,
weight: 80,
},
{
arn: canary.arn,
weight: 20,
},
],
stickiness: {
enabled: true,
duration: 600,
},
},
}],
conditions: [{
hostHeader: {
values: ["my-service.*.mycompany.io"],
},
}],
});
// Redirect action
const redirectHttpToHttps = new aws.lb.ListenerRule("redirect_http_to_https", {
listenerArn: frontEndListener.arn,
actions: [{
type: "redirect",
redirect: {
port: "443",
protocol: "HTTPS",
statusCode: "HTTP_301",
},
}],
conditions: [{
httpHeader: {
httpHeaderName: "X-Forwarded-For",
values: ["192.168.1.*"],
},
}],
});
// Fixed-response action
const healthCheck = new aws.lb.ListenerRule("health_check", {
listenerArn: frontEndListener.arn,
actions: [{
type: "fixed-response",
fixedResponse: {
contentType: "text/plain",
messageBody: "HEALTHY",
statusCode: "200",
},
}],
conditions: [{
queryStrings: [
{
key: "health",
value: "check",
},
{
value: "bar",
},
],
}],
});
// Authenticate-cognito Action
const pool = new aws.cognito.UserPool("pool", {});
const client = new aws.cognito.UserPoolClient("client", {});
const domain = new aws.cognito.UserPoolDomain("domain", {});
const admin = new aws.lb.ListenerRule("admin", {
listenerArn: frontEndListener.arn,
actions: [
{
type: "authenticate-cognito",
authenticateCognito: {
userPoolArn: pool.arn,
userPoolClientId: client.id,
userPoolDomain: domain.domain,
},
},
{
type: "forward",
targetGroupArn: staticAwsLbTargetGroup.arn,
},
],
});
// Authenticate-oidc Action
const oidc = new aws.lb.ListenerRule("oidc", {
listenerArn: frontEndListener.arn,
actions: [
{
type: "authenticate-oidc",
authenticateOidc: {
authorizationEndpoint: "https://example.com/authorization_endpoint",
clientId: "client_id",
clientSecret: "client_secret",
issuer: "https://example.com",
tokenEndpoint: "https://example.com/token_endpoint",
userInfoEndpoint: "https://example.com/user_info_endpoint",
},
},
{
type: "forward",
targetGroupArn: staticAwsLbTargetGroup.arn,
},
],
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
front_end = aws.lb.LoadBalancer("front_end")
front_end_listener = aws.lb.Listener("front_end")
static = aws.lb.ListenerRule("static",
listener_arn=front_end_listener.arn,
priority=100,
actions=[{
"type": "forward",
"target_group_arn": static_aws_lb_target_group["arn"],
}],
conditions=[
{
"path_pattern": {
"values": ["/static/*"],
},
},
{
"host_header": {
"values": ["example.com"],
},
},
])
# Forward action
host_based_weighted_routing = aws.lb.ListenerRule("host_based_weighted_routing",
listener_arn=front_end_listener.arn,
priority=99,
actions=[{
"type": "forward",
"target_group_arn": static_aws_lb_target_group["arn"],
}],
conditions=[{
"host_header": {
"values": ["my-service.*.mycompany.io"],
},
}])
# Weighted Forward action
host_based_routing = aws.lb.ListenerRule("host_based_routing",
listener_arn=front_end_listener.arn,
priority=99,
actions=[{
"type": "forward",
"forward": {
"target_groups": [
{
"arn": main["arn"],
"weight": 80,
},
{
"arn": canary["arn"],
"weight": 20,
},
],
"stickiness": {
"enabled": True,
"duration": 600,
},
},
}],
conditions=[{
"host_header": {
"values": ["my-service.*.mycompany.io"],
},
}])
# Redirect action
redirect_http_to_https = aws.lb.ListenerRule("redirect_http_to_https",
listener_arn=front_end_listener.arn,
actions=[{
"type": "redirect",
"redirect": {
"port": "443",
"protocol": "HTTPS",
"status_code": "HTTP_301",
},
}],
conditions=[{
"http_header": {
"http_header_name": "X-Forwarded-For",
"values": ["192.168.1.*"],
},
}])
# Fixed-response action
health_check = aws.lb.ListenerRule("health_check",
listener_arn=front_end_listener.arn,
actions=[{
"type": "fixed-response",
"fixed_response": {
"content_type": "text/plain",
"message_body": "HEALTHY",
"status_code": "200",
},
}],
conditions=[{
"query_strings": [
{
"key": "health",
"value": "check",
},
{
"value": "bar",
},
],
}])
# Authenticate-cognito Action
pool = aws.cognito.UserPool("pool")
client = aws.cognito.UserPoolClient("client")
domain = aws.cognito.UserPoolDomain("domain")
admin = aws.lb.ListenerRule("admin",
listener_arn=front_end_listener.arn,
actions=[
{
"type": "authenticate-cognito",
"authenticate_cognito": {
"user_pool_arn": pool.arn,
"user_pool_client_id": client.id,
"user_pool_domain": domain.domain,
},
},
{
"type": "forward",
"target_group_arn": static_aws_lb_target_group["arn"],
},
])
# Authenticate-oidc Action
oidc = aws.lb.ListenerRule("oidc",
listener_arn=front_end_listener.arn,
actions=[
{
"type": "authenticate-oidc",
"authenticate_oidc": {
"authorization_endpoint": "https://example.com/authorization_endpoint",
"client_id": "client_id",
"client_secret": "client_secret",
"issuer": "https://example.com",
"token_endpoint": "https://example.com/token_endpoint",
"user_info_endpoint": "https://example.com/user_info_endpoint",
},
},
{
"type": "forward",
"target_group_arn": static_aws_lb_target_group["arn"],
},
])Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var frontEnd = new Aws.LB.LoadBalancer("front_end");
var frontEndListener = new Aws.LB.Listener("front_end");
var @static = new Aws.LB.ListenerRule("static", new()
{
ListenerArn = frontEndListener.Arn,
Priority = 100,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "forward",
TargetGroupArn = staticAwsLbTargetGroup.Arn,
},
},
Conditions = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs
{
Values = new[]
{
"/static/*",
},
},
},
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs
{
Values = new[]
{
"example.com",
},
},
},
},
});
// Forward action
var hostBasedWeightedRouting = new Aws.LB.ListenerRule("host_based_weighted_routing", new()
{
ListenerArn = frontEndListener.Arn,
Priority = 99,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "forward",
TargetGroupArn = staticAwsLbTargetGroup.Arn,
},
},
Conditions = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs
{
Values = new[]
{
"my-service.*.mycompany.io",
},
},
},
},
});
// Weighted Forward action
var hostBasedRouting = new Aws.LB.ListenerRule("host_based_routing", new()
{
ListenerArn = frontEndListener.Arn,
Priority = 99,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "forward",
Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs
{
TargetGroups = new[]
{
new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs
{
Arn = main.Arn,
Weight = 80,
},
new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs
{
Arn = canary.Arn,
Weight = 20,
},
},
Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs
{
Enabled = true,
Duration = 600,
},
},
},
},
Conditions = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs
{
Values = new[]
{
"my-service.*.mycompany.io",
},
},
},
},
});
// Redirect action
var redirectHttpToHttps = new Aws.LB.ListenerRule("redirect_http_to_https", new()
{
ListenerArn = frontEndListener.Arn,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "redirect",
Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs
{
Port = "443",
Protocol = "HTTPS",
StatusCode = "HTTP_301",
},
},
},
Conditions = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs
{
HttpHeaderName = "X-Forwarded-For",
Values = new[]
{
"192.168.1.*",
},
},
},
},
});
// Fixed-response action
var healthCheck = new Aws.LB.ListenerRule("health_check", new()
{
ListenerArn = frontEndListener.Arn,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "fixed-response",
FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs
{
ContentType = "text/plain",
MessageBody = "HEALTHY",
StatusCode = "200",
},
},
},
Conditions = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
QueryStrings = new[]
{
new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs
{
Key = "health",
Value = "check",
},
new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs
{
Value = "bar",
},
},
},
},
});
// Authenticate-cognito Action
var pool = new Aws.Cognito.UserPool("pool");
var client = new Aws.Cognito.UserPoolClient("client");
var domain = new Aws.Cognito.UserPoolDomain("domain");
var admin = new Aws.LB.ListenerRule("admin", new()
{
ListenerArn = frontEndListener.Arn,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "authenticate-cognito",
AuthenticateCognito = new Aws.LB.Inputs.ListenerRuleActionAuthenticateCognitoArgs
{
UserPoolArn = pool.Arn,
UserPoolClientId = client.Id,
UserPoolDomain = domain.Domain,
},
},
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "forward",
TargetGroupArn = staticAwsLbTargetGroup.Arn,
},
},
});
// Authenticate-oidc Action
var oidc = new Aws.LB.ListenerRule("oidc", new()
{
ListenerArn = frontEndListener.Arn,
Actions = new[]
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "authenticate-oidc",
AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs
{
AuthorizationEndpoint = "https://example.com/authorization_endpoint",
ClientId = "client_id",
ClientSecret = "client_secret",
Issuer = "https://example.com",
TokenEndpoint = "https://example.com/token_endpoint",
UserInfoEndpoint = "https://example.com/user_info_endpoint",
},
},
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Type = "forward",
TargetGroupArn = staticAwsLbTargetGroup.Arn,
},
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := lb.NewLoadBalancer(ctx, "front_end", nil)
if err != nil {
return err
}
frontEndListener, err := lb.NewListener(ctx, "front_end", nil)
if err != nil {
return err
}
_, err = lb.NewListenerRule(ctx, "static", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Priority: pulumi.Int(100),
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("forward"),
TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),
},
},
Conditions: lb.ListenerRuleConditionArray{
&lb.ListenerRuleConditionArgs{
PathPattern: &lb.ListenerRuleConditionPathPatternArgs{
Values: pulumi.StringArray{
pulumi.String("/static/*"),
},
},
},
&lb.ListenerRuleConditionArgs{
HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{
Values: pulumi.StringArray{
pulumi.String("example.com"),
},
},
},
},
})
if err != nil {
return err
}
// Forward action
_, err = lb.NewListenerRule(ctx, "host_based_weighted_routing", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Priority: pulumi.Int(99),
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("forward"),
TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),
},
},
Conditions: lb.ListenerRuleConditionArray{
&lb.ListenerRuleConditionArgs{
HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{
Values: pulumi.StringArray{
pulumi.String("my-service.*.mycompany.io"),
},
},
},
},
})
if err != nil {
return err
}
// Weighted Forward action
_, err = lb.NewListenerRule(ctx, "host_based_routing", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Priority: pulumi.Int(99),
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("forward"),
Forward: &lb.ListenerRuleActionForwardArgs{
TargetGroups: lb.ListenerRuleActionForwardTargetGroupArray{
&lb.ListenerRuleActionForwardTargetGroupArgs{
Arn: pulumi.Any(main.Arn),
Weight: pulumi.Int(80),
},
&lb.ListenerRuleActionForwardTargetGroupArgs{
Arn: pulumi.Any(canary.Arn),
Weight: pulumi.Int(20),
},
},
Stickiness: &lb.ListenerRuleActionForwardStickinessArgs{
Enabled: pulumi.Bool(true),
Duration: pulumi.Int(600),
},
},
},
},
Conditions: lb.ListenerRuleConditionArray{
&lb.ListenerRuleConditionArgs{
HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{
Values: pulumi.StringArray{
pulumi.String("my-service.*.mycompany.io"),
},
},
},
},
})
if err != nil {
return err
}
// Redirect action
_, err = lb.NewListenerRule(ctx, "redirect_http_to_https", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("redirect"),
Redirect: &lb.ListenerRuleActionRedirectArgs{
Port: pulumi.String("443"),
Protocol: pulumi.String("HTTPS"),
StatusCode: pulumi.String("HTTP_301"),
},
},
},
Conditions: lb.ListenerRuleConditionArray{
&lb.ListenerRuleConditionArgs{
HttpHeader: &lb.ListenerRuleConditionHttpHeaderArgs{
HttpHeaderName: pulumi.String("X-Forwarded-For"),
Values: pulumi.StringArray{
pulumi.String("192.168.1.*"),
},
},
},
},
})
if err != nil {
return err
}
// Fixed-response action
_, err = lb.NewListenerRule(ctx, "health_check", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("fixed-response"),
FixedResponse: &lb.ListenerRuleActionFixedResponseArgs{
ContentType: pulumi.String("text/plain"),
MessageBody: pulumi.String("HEALTHY"),
StatusCode: pulumi.String("200"),
},
},
},
Conditions: lb.ListenerRuleConditionArray{
&lb.ListenerRuleConditionArgs{
QueryStrings: lb.ListenerRuleConditionQueryStringArray{
&lb.ListenerRuleConditionQueryStringArgs{
Key: pulumi.String("health"),
Value: pulumi.String("check"),
},
&lb.ListenerRuleConditionQueryStringArgs{
Value: pulumi.String("bar"),
},
},
},
},
})
if err != nil {
return err
}
// Authenticate-cognito Action
pool, err := cognito.NewUserPool(ctx, "pool", nil)
if err != nil {
return err
}
client, err := cognito.NewUserPoolClient(ctx, "client", nil)
if err != nil {
return err
}
domain, err := cognito.NewUserPoolDomain(ctx, "domain", nil)
if err != nil {
return err
}
_, err = lb.NewListenerRule(ctx, "admin", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("authenticate-cognito"),
AuthenticateCognito: &lb.ListenerRuleActionAuthenticateCognitoArgs{
UserPoolArn: pool.Arn,
UserPoolClientId: client.ID(),
UserPoolDomain: domain.Domain,
},
},
&lb.ListenerRuleActionArgs{
Type: pulumi.String("forward"),
TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),
},
},
})
if err != nil {
return err
}
// Authenticate-oidc Action
_, err = lb.NewListenerRule(ctx, "oidc", &lb.ListenerRuleArgs{
ListenerArn: frontEndListener.Arn,
Actions: lb.ListenerRuleActionArray{
&lb.ListenerRuleActionArgs{
Type: pulumi.String("authenticate-oidc"),
AuthenticateOidc: &lb.ListenerRuleActionAuthenticateOidcArgs{
AuthorizationEndpoint: pulumi.String("https://example.com/authorization_endpoint"),
ClientId: pulumi.String("client_id"),
ClientSecret: pulumi.String("client_secret"),
Issuer: pulumi.String("https://example.com"),
TokenEndpoint: pulumi.String("https://example.com/token_endpoint"),
UserInfoEndpoint: pulumi.String("https://example.com/user_info_endpoint"),
},
},
&lb.ListenerRuleActionArgs{
Type: pulumi.String("forward"),
TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lb.LoadBalancer;
import com.pulumi.aws.lb.Listener;
import com.pulumi.aws.lb.ListenerRule;
import com.pulumi.aws.lb.ListenerRuleArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleConditionArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleConditionPathPatternArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleConditionHostHeaderArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionForwardArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionForwardStickinessArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionRedirectArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleConditionHttpHeaderArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionFixedResponseArgs;
import com.pulumi.aws.cognito.UserPool;
import com.pulumi.aws.cognito.UserPoolClient;
import com.pulumi.aws.cognito.UserPoolDomain;
import com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateCognitoArgs;
import com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateOidcArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var frontEnd = new LoadBalancer("frontEnd");
var frontEndListener = new Listener("frontEndListener");
var static_ = new ListenerRule("static", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.priority(100)
.actions(ListenerRuleActionArgs.builder()
.type("forward")
.targetGroupArn(staticAwsLbTargetGroup.arn())
.build())
.conditions(
ListenerRuleConditionArgs.builder()
.pathPattern(ListenerRuleConditionPathPatternArgs.builder()
.values("/static/*")
.build())
.build(),
ListenerRuleConditionArgs.builder()
.hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
.values("example.com")
.build())
.build())
.build());
// Forward action
var hostBasedWeightedRouting = new ListenerRule("hostBasedWeightedRouting", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.priority(99)
.actions(ListenerRuleActionArgs.builder()
.type("forward")
.targetGroupArn(staticAwsLbTargetGroup.arn())
.build())
.conditions(ListenerRuleConditionArgs.builder()
.hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
.values("my-service.*.mycompany.io")
.build())
.build())
.build());
// Weighted Forward action
var hostBasedRouting = new ListenerRule("hostBasedRouting", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.priority(99)
.actions(ListenerRuleActionArgs.builder()
.type("forward")
.forward(ListenerRuleActionForwardArgs.builder()
.targetGroups(
ListenerRuleActionForwardTargetGroupArgs.builder()
.arn(main.arn())
.weight(80)
.build(),
ListenerRuleActionForwardTargetGroupArgs.builder()
.arn(canary.arn())
.weight(20)
.build())
.stickiness(ListenerRuleActionForwardStickinessArgs.builder()
.enabled(true)
.duration(600)
.build())
.build())
.build())
.conditions(ListenerRuleConditionArgs.builder()
.hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
.values("my-service.*.mycompany.io")
.build())
.build())
.build());
// Redirect action
var redirectHttpToHttps = new ListenerRule("redirectHttpToHttps", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.actions(ListenerRuleActionArgs.builder()
.type("redirect")
.redirect(ListenerRuleActionRedirectArgs.builder()
.port("443")
.protocol("HTTPS")
.statusCode("HTTP_301")
.build())
.build())
.conditions(ListenerRuleConditionArgs.builder()
.httpHeader(ListenerRuleConditionHttpHeaderArgs.builder()
.httpHeaderName("X-Forwarded-For")
.values("192.168.1.*")
.build())
.build())
.build());
// Fixed-response action
var healthCheck = new ListenerRule("healthCheck", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.actions(ListenerRuleActionArgs.builder()
.type("fixed-response")
.fixedResponse(ListenerRuleActionFixedResponseArgs.builder()
.contentType("text/plain")
.messageBody("HEALTHY")
.statusCode("200")
.build())
.build())
.conditions(ListenerRuleConditionArgs.builder()
.queryStrings(
ListenerRuleConditionQueryStringArgs.builder()
.key("health")
.value("check")
.build(),
ListenerRuleConditionQueryStringArgs.builder()
.value("bar")
.build())
.build())
.build());
// Authenticate-cognito Action
var pool = new UserPool("pool");
var client = new UserPoolClient("client");
var domain = new UserPoolDomain("domain");
var admin = new ListenerRule("admin", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.actions(
ListenerRuleActionArgs.builder()
.type("authenticate-cognito")
.authenticateCognito(ListenerRuleActionAuthenticateCognitoArgs.builder()
.userPoolArn(pool.arn())
.userPoolClientId(client.id())
.userPoolDomain(domain.domain())
.build())
.build(),
ListenerRuleActionArgs.builder()
.type("forward")
.targetGroupArn(staticAwsLbTargetGroup.arn())
.build())
.build());
// Authenticate-oidc Action
var oidc = new ListenerRule("oidc", ListenerRuleArgs.builder()
.listenerArn(frontEndListener.arn())
.actions(
ListenerRuleActionArgs.builder()
.type("authenticate-oidc")
.authenticateOidc(ListenerRuleActionAuthenticateOidcArgs.builder()
.authorizationEndpoint("https://example.com/authorization_endpoint")
.clientId("client_id")
.clientSecret("client_secret")
.issuer("https://example.com")
.tokenEndpoint("https://example.com/token_endpoint")
.userInfoEndpoint("https://example.com/user_info_endpoint")
.build())
.build(),
ListenerRuleActionArgs.builder()
.type("forward")
.targetGroupArn(staticAwsLbTargetGroup.arn())
.build())
.build());
}
}Content copied to clipboard
resources:
frontEnd:
type: aws:lb:LoadBalancer
name: front_end
frontEndListener:
type: aws:lb:Listener
name: front_end
static:
type: aws:lb:ListenerRule
properties:
listenerArn: ${frontEndListener.arn}
priority: 100
actions:
- type: forward
targetGroupArn: ${staticAwsLbTargetGroup.arn}
conditions:
- pathPattern:
values:
- /static/*
- hostHeader:
values:
- example.com
# Forward action
hostBasedWeightedRouting:
type: aws:lb:ListenerRule
name: host_based_weighted_routing
properties:
listenerArn: ${frontEndListener.arn}
priority: 99
actions:
- type: forward
targetGroupArn: ${staticAwsLbTargetGroup.arn}
conditions:
- hostHeader:
values:
- my-service.*.mycompany.io
# Weighted Forward action
hostBasedRouting:
type: aws:lb:ListenerRule
name: host_based_routing
properties:
listenerArn: ${frontEndListener.arn}
priority: 99
actions:
- type: forward
forward:
targetGroups:
- arn: ${main.arn}
weight: 80
- arn: ${canary.arn}
weight: 20
stickiness:
enabled: true
duration: 600
conditions:
- hostHeader:
values:
- my-service.*.mycompany.io
# Redirect action
redirectHttpToHttps:
type: aws:lb:ListenerRule
name: redirect_http_to_https
properties:
listenerArn: ${frontEndListener.arn}
actions:
- type: redirect
redirect:
port: '443'
protocol: HTTPS
statusCode: HTTP_301
conditions:
- httpHeader:
httpHeaderName: X-Forwarded-For
values:
- 192.168.1.*
# Fixed-response action
healthCheck:
type: aws:lb:ListenerRule
name: health_check
properties:
listenerArn: ${frontEndListener.arn}
actions:
- type: fixed-response
fixedResponse:
contentType: text/plain
messageBody: HEALTHY
statusCode: '200'
conditions:
- queryStrings:
- key: health
value: check
- value: bar
# Authenticate-cognito Action
pool:
type: aws:cognito:UserPool
client:
type: aws:cognito:UserPoolClient
domain:
type: aws:cognito:UserPoolDomain
admin:
type: aws:lb:ListenerRule
properties:
listenerArn: ${frontEndListener.arn}
actions:
- type: authenticate-cognito
authenticateCognito:
userPoolArn: ${pool.arn}
userPoolClientId: ${client.id}
userPoolDomain: ${domain.domain}
- type: forward
targetGroupArn: ${staticAwsLbTargetGroup.arn}
# Authenticate-oidc Action
oidc:
type: aws:lb:ListenerRule
properties:
listenerArn: ${frontEndListener.arn}
actions:
- type: authenticate-oidc
authenticateOidc:
authorizationEndpoint: https://example.com/authorization_endpoint
clientId: client_id
clientSecret: client_secret
issuer: https://example.com
tokenEndpoint: https://example.com/token_endpoint
userInfoEndpoint: https://example.com/user_info_endpoint
- type: forward
targetGroupArn: ${staticAwsLbTargetGroup.arn}Content copied to clipboard
Import
Using pulumi import, import rules using their ARN. For example:
$ pulumi import aws:lb/listenerRule:ListenerRule front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26bContent copied to clipboard
Constructors
Link copied to clipboard
constructor(actions: Output<List<ListenerRuleActionArgs>>? = null, conditions: Output<List<ListenerRuleConditionArgs>>? = null, listenerArn: Output<String>? = null, priority: Output<Int>? = null, tags: Output<Map<String, String>>? = null)
Properties
Link copied to clipboard
An Action block. Action blocks are documented below.
Link copied to clipboard
A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below.
Link copied to clipboard
The ARN of the listener to which to attach the rule.