Namespace Pulumi.Aws.ElasticLoadBalancing
Classes
AppCookieStickinessPolicy
Provides an application cookie stickiness policy, which allows an ELB to wed its sticky cookie's expiration to a cookie generated by your application.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var lb = new Aws.Elb.LoadBalancer("lb", new Aws.Elb.LoadBalancerArgs
{
AvailabilityZones =
{
"us-east-1a",
},
Listeners =
{
new Aws.Elb.Inputs.LoadBalancerListenerArgs
{
InstancePort = 8000,
InstanceProtocol = "http",
LbPort = 80,
LbProtocol = "http",
},
},
});
var foo = new Aws.Elb.AppCookieStickinessPolicy("foo", new Aws.Elb.AppCookieStickinessPolicyArgs
{
CookieName = "MyAppCookie",
LbPort = 80,
LoadBalancer = lb.Name,
});
}
}
AppCookieStickinessPolicyArgs
AppCookieStickinessPolicyState
Attachment
Attaches an EC2 instance to an Elastic Load Balancer (ELB). For attaching resources with Application Load Balancer (ALB) or Network Load Balancer (NLB), see the aws.lb.TargetGroupAttachment resource.
NOTE on ELB Instances and ELB Attachments: This provider currently provides both a standalone ELB Attachment resource (describing an instance attached to an ELB), and an Elastic Load Balancer resource with
instancesdefined in-line. At this time you cannot use an ELB with in-line instances in conjunction with an ELB Attachment resource. Doing so will cause a conflict and will overwrite attachments.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
// Create a new load balancer attachment
var baz = new Aws.Elb.Attachment("baz", new Aws.Elb.AttachmentArgs
{
Elb = aws_elb.Bar.Id,
Instance = aws_instance.Foo.Id,
});
}
}
AttachmentArgs
AttachmentState
GetHostedZoneId
GetHostedZoneIdArgs
GetHostedZoneIdResult
GetLoadBalancer
GetLoadBalancerArgs
GetLoadBalancerResult
GetServiceAccount
GetServiceAccountArgs
GetServiceAccountResult
ListenerPolicy
Attaches a load balancer policy to an ELB Listener.
Example Usage for Custom Policy
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var wu_tang = new Aws.Elb.LoadBalancer("wu-tang", new Aws.Elb.LoadBalancerArgs
{
AvailabilityZones =
{
"us-east-1a",
},
Listeners =
{
new Aws.Elb.Inputs.LoadBalancerListenerArgs
{
InstancePort = 443,
InstanceProtocol = "http",
LbPort = 443,
LbProtocol = "https",
SslCertificateId = "arn:aws:iam::000000000000:server-certificate/wu-tang.net",
},
},
Tags =
{
{ "Name", "wu-tang" },
},
});
var wu_tang_ssl = new Aws.Elb.LoadBalancerPolicy("wu-tang-ssl", new Aws.Elb.LoadBalancerPolicyArgs
{
LoadBalancerName = wu_tang.Name,
PolicyAttributes =
{
new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs
{
Name = "ECDHE-ECDSA-AES128-GCM-SHA256",
Value = "true",
},
new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs
{
Name = "Protocol-TLSv1.2",
Value = "true",
},
},
PolicyName = "wu-tang-ssl",
PolicyTypeName = "SSLNegotiationPolicyType",
});
var wu_tang_listener_policies_443 = new Aws.Elb.ListenerPolicy("wu-tang-listener-policies-443", new Aws.Elb.ListenerPolicyArgs
{
LoadBalancerName = wu_tang.Name,
LoadBalancerPort = 443,
PolicyNames =
{
wu_tang_ssl.PolicyName,
},
});
}
}
This example shows how to customize the TLS settings of an HTTPS listener.
Example Usage for AWS Predefined Security Policy
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var wu_tang = new Aws.Elb.LoadBalancer("wu-tang", new Aws.Elb.LoadBalancerArgs
{
AvailabilityZones =
{
"us-east-1a",
},
Listeners =
{
new Aws.Elb.Inputs.LoadBalancerListenerArgs
{
InstancePort = 443,
InstanceProtocol = "http",
LbPort = 443,
LbProtocol = "https",
SslCertificateId = "arn:aws:iam::000000000000:server-certificate/wu-tang.net",
},
},
Tags =
{
{ "Name", "wu-tang" },
},
});
var wu_tang_ssl_tls_1_1 = new Aws.Elb.LoadBalancerPolicy("wu-tang-ssl-tls-1-1", new Aws.Elb.LoadBalancerPolicyArgs
{
LoadBalancerName = wu_tang.Name,
PolicyAttributes =
{
new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs
{
Name = "Reference-Security-Policy",
Value = "ELBSecurityPolicy-TLS-1-1-2017-01",
},
},
PolicyName = "wu-tang-ssl",
PolicyTypeName = "SSLNegotiationPolicyType",
});
var wu_tang_listener_policies_443 = new Aws.Elb.ListenerPolicy("wu-tang-listener-policies-443", new Aws.Elb.ListenerPolicyArgs
{
LoadBalancerName = wu_tang.Name,
LoadBalancerPort = 443,
PolicyNames =
{
wu_tang_ssl_tls_1_1.PolicyName,
},
});
}
}
This example shows how to add a Predefined Security Policy for ELBs
ListenerPolicyArgs
ListenerPolicyState
LoadBalancer
Provides an Elastic Load Balancer resource, also known as a "Classic Load Balancer" after the release of Application/Network Load Balancers.
NOTE on ELB Instances and ELB Attachments: This provider currently provides both a standalone ELB Attachment resource (describing an instance attached to an ELB), and an ELB resource with
instancesdefined in-line. At this time you cannot use an ELB with in-line instances in conjunction with a ELB Attachment resources. Doing so will cause a conflict and will overwrite attachments.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
// Create a new load balancer
var bar = new Aws.Elb.LoadBalancer("bar", new Aws.Elb.LoadBalancerArgs
{
AccessLogs = new Aws.Elb.Inputs.LoadBalancerAccessLogsArgs
{
Bucket = "foo",
BucketPrefix = "bar",
Interval = 60,
},
AvailabilityZones =
{
"us-west-2a",
"us-west-2b",
"us-west-2c",
},
ConnectionDraining = true,
ConnectionDrainingTimeout = 400,
CrossZoneLoadBalancing = true,
HealthCheck = new Aws.Elb.Inputs.LoadBalancerHealthCheckArgs
{
HealthyThreshold = 2,
Interval = 30,
Target = "HTTP:8000/",
Timeout = 3,
UnhealthyThreshold = 2,
},
IdleTimeout = 400,
Instances =
{
aws_instance.Foo.Id,
},
Listeners =
{
new Aws.Elb.Inputs.LoadBalancerListenerArgs
{
InstancePort = 8000,
InstanceProtocol = "http",
LbPort = 80,
LbProtocol = "http",
},
new Aws.Elb.Inputs.LoadBalancerListenerArgs
{
InstancePort = 8000,
InstanceProtocol = "http",
LbPort = 443,
LbProtocol = "https",
SslCertificateId = "arn:aws:iam::123456789012:server-certificate/certName",
},
},
Tags =
{
{ "Name", "foobar-elb" },
},
});
}
}
Note on ECDSA Key Algorithm
If the ARN of the ssl_certificate_id that is pointed to references a
certificate that was signed by an ECDSA key, note that ELB only supports the
P256 and P384 curves. Using a certificate signed by a key using a different
curve could produce the error ERR_SSL_VERSION_OR_CIPHER_MISMATCH in your
browser.
LoadBalancerArgs
LoadBalancerBackendServerPolicy
Attaches a load balancer policy to an ELB backend server.
Example Usage
using System.IO;
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var wu_tang = new Aws.Elb.LoadBalancer("wu-tang", new Aws.Elb.LoadBalancerArgs
{
AvailabilityZones =
{
"us-east-1a",
},
Listeners =
{
new Aws.Elb.Inputs.LoadBalancerListenerArgs
{
InstancePort = 443,
InstanceProtocol = "http",
LbPort = 443,
LbProtocol = "https",
SslCertificateId = "arn:aws:iam::000000000000:server-certificate/wu-tang.net",
},
},
Tags =
{
{ "Name", "wu-tang" },
},
});
var wu_tang_ca_pubkey_policy = new Aws.Elb.LoadBalancerPolicy("wu-tang-ca-pubkey-policy", new Aws.Elb.LoadBalancerPolicyArgs
{
LoadBalancerName = wu_tang.Name,
PolicyAttributes =
{
new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs
{
Name = "PublicKey",
Value = File.ReadAllText("wu-tang-pubkey"),
},
},
PolicyName = "wu-tang-ca-pubkey-policy",
PolicyTypeName = "PublicKeyPolicyType",
});
var wu_tang_root_ca_backend_auth_policy = new Aws.Elb.LoadBalancerPolicy("wu-tang-root-ca-backend-auth-policy", new Aws.Elb.LoadBalancerPolicyArgs
{
LoadBalancerName = wu_tang.Name,
PolicyAttributes =
{
new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs
{
Name = "PublicKeyPolicyName",
Value = aws_load_balancer_policy.Wu_tang_root_ca_pubkey_policy.Policy_name,
},
},
PolicyName = "wu-tang-root-ca-backend-auth-policy",
PolicyTypeName = "BackendServerAuthenticationPolicyType",
});
var wu_tang_backend_auth_policies_443 = new Aws.Elb.LoadBalancerBackendServerPolicy("wu-tang-backend-auth-policies-443", new Aws.Elb.LoadBalancerBackendServerPolicyArgs
{
InstancePort = 443,
LoadBalancerName = wu_tang.Name,
PolicyNames =
{
wu_tang_root_ca_backend_auth_policy.PolicyName,
},
});
}
}
LoadBalancerBackendServerPolicyArgs
LoadBalancerBackendServerPolicyState
LoadBalancerCookieStickinessPolicy
Provides a load balancer cookie stickiness policy, which allows an ELB to control the sticky session lifetime of the browser.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var lb = new Aws.Elb.LoadBalancer("lb", new Aws.Elb.LoadBalancerArgs
{
AvailabilityZones =
{
"us-east-1a",
},
Listeners =
{
new Aws.Elb.Inputs.LoadBalancerListenerArgs
{
InstancePort = 8000,
InstanceProtocol = "http",
LbPort = 80,
LbProtocol = "http",
},
},
});
var foo = new Aws.Elb.LoadBalancerCookieStickinessPolicy("foo", new Aws.Elb.LoadBalancerCookieStickinessPolicyArgs
{
CookieExpirationPeriod = 600,
LbPort = 80,
LoadBalancer = lb.Id,
});
}
}
LoadBalancerCookieStickinessPolicyArgs
LoadBalancerCookieStickinessPolicyState
LoadBalancerPolicy
Provides a load balancer policy, which can be attached to an ELB listener or backend server.
Example Usage
using System.IO;
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var wu_tang = new Aws.Elb.LoadBalancer("wu-tang", new Aws.Elb.LoadBalancerArgs
{
AvailabilityZones =
{
"us-east-1a",
},
Listeners =
{
new Aws.Elb.Inputs.LoadBalancerListenerArgs
{
InstancePort = 443,
InstanceProtocol = "http",
LbPort = 443,
LbProtocol = "https",
SslCertificateId = "arn:aws:iam::000000000000:server-certificate/wu-tang.net",
},
},
Tags =
{
{ "Name", "wu-tang" },
},
});
var wu_tang_ca_pubkey_policy = new Aws.Elb.LoadBalancerPolicy("wu-tang-ca-pubkey-policy", new Aws.Elb.LoadBalancerPolicyArgs
{
LoadBalancerName = wu_tang.Name,
PolicyAttributes =
{
new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs
{
Name = "PublicKey",
Value = File.ReadAllText("wu-tang-pubkey"),
},
},
PolicyName = "wu-tang-ca-pubkey-policy",
PolicyTypeName = "PublicKeyPolicyType",
});
var wu_tang_root_ca_backend_auth_policy = new Aws.Elb.LoadBalancerPolicy("wu-tang-root-ca-backend-auth-policy", new Aws.Elb.LoadBalancerPolicyArgs
{
LoadBalancerName = wu_tang.Name,
PolicyAttributes =
{
new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs
{
Name = "PublicKeyPolicyName",
Value = aws_load_balancer_policy.Wu_tang_root_ca_pubkey_policy.Policy_name,
},
},
PolicyName = "wu-tang-root-ca-backend-auth-policy",
PolicyTypeName = "BackendServerAuthenticationPolicyType",
});
var wu_tang_ssl = new Aws.Elb.LoadBalancerPolicy("wu-tang-ssl", new Aws.Elb.LoadBalancerPolicyArgs
{
LoadBalancerName = wu_tang.Name,
PolicyAttributes =
{
new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs
{
Name = "ECDHE-ECDSA-AES128-GCM-SHA256",
Value = "true",
},
new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs
{
Name = "Protocol-TLSv1.2",
Value = "true",
},
},
PolicyName = "wu-tang-ssl",
PolicyTypeName = "SSLNegotiationPolicyType",
});
var wu_tang_ssl_tls_1_1 = new Aws.Elb.LoadBalancerPolicy("wu-tang-ssl-tls-1-1", new Aws.Elb.LoadBalancerPolicyArgs
{
LoadBalancerName = wu_tang.Name,
PolicyAttributes =
{
new Aws.Elb.Inputs.LoadBalancerPolicyPolicyAttributeArgs
{
Name = "Reference-Security-Policy",
Value = "ELBSecurityPolicy-TLS-1-1-2017-01",
},
},
PolicyName = "wu-tang-ssl",
PolicyTypeName = "SSLNegotiationPolicyType",
});
var wu_tang_backend_auth_policies_443 = new Aws.Elb.LoadBalancerBackendServerPolicy("wu-tang-backend-auth-policies-443", new Aws.Elb.LoadBalancerBackendServerPolicyArgs
{
InstancePort = 443,
LoadBalancerName = wu_tang.Name,
PolicyNames =
{
wu_tang_root_ca_backend_auth_policy.PolicyName,
},
});
var wu_tang_listener_policies_443 = new Aws.Elb.ListenerPolicy("wu-tang-listener-policies-443", new Aws.Elb.ListenerPolicyArgs
{
LoadBalancerName = wu_tang.Name,
LoadBalancerPort = 443,
PolicyNames =
{
wu_tang_ssl.PolicyName,
},
});
}
}
LoadBalancerPolicyArgs
LoadBalancerPolicyState
LoadBalancerState
SslNegotiationPolicy
Provides a load balancer SSL negotiation policy, which allows an ELB to control the ciphers and protocols that are supported during SSL negotiations between a client and a load balancer.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var lb = new Aws.Elb.LoadBalancer("lb", new Aws.Elb.LoadBalancerArgs
{
AvailabilityZones =
{
"us-east-1a",
},
Listeners =
{
new Aws.Elb.Inputs.LoadBalancerListenerArgs
{
InstancePort = 8000,
InstanceProtocol = "https",
LbPort = 443,
LbProtocol = "https",
SslCertificateId = "arn:aws:iam::123456789012:server-certificate/certName",
},
},
});
var foo = new Aws.Elb.SslNegotiationPolicy("foo", new Aws.Elb.SslNegotiationPolicyArgs
{
Attributes =
{
new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
{
Name = "Protocol-TLSv1",
Value = "false",
},
new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
{
Name = "Protocol-TLSv1.1",
Value = "false",
},
new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
{
Name = "Protocol-TLSv1.2",
Value = "true",
},
new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
{
Name = "Server-Defined-Cipher-Order",
Value = "true",
},
new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
{
Name = "ECDHE-RSA-AES128-GCM-SHA256",
Value = "true",
},
new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
{
Name = "AES128-GCM-SHA256",
Value = "true",
},
new Aws.Elb.Inputs.SslNegotiationPolicyAttributeArgs
{
Name = "EDH-RSA-DES-CBC3-SHA",
Value = "false",
},
},
LbPort = 443,
LoadBalancer = lb.Id,
});
}
}