Terraform resource: aws lb listener rule
(Redirected from Aws lb listener rule)
Jump to navigation
Jump to search
aws_alb_listener_rule is known as aws_lb_listener_rule. The functionality is identical. [1]
Arguments[edit]
Official example[edit]
resource "aws_lb" "front_end" {
# ...
}
resource "aws_lb_listener" "front_end" {
# Other parameters
}
resource "aws_lb_listener_rule" "static" {
listener_arn = aws_lb_listener.front_end.arn
priority = 100
action {
type = "forward"
target_group_arn = aws_lb_target_group.static.arn
}
condition {
path_pattern {
values = ["/static/*"]
}
}
condition {
host_header {
values = ["example.com"]
}
}
}
# Forward action resource "aws_lb_listener_rule" "host_based_weighted_routing" { listener_arn = aws_lb_listener.front_end.arn priority = 99 action { type = "forward" target_group_arn = aws_lb_target_group.static.arn } condition { host_header { values = ["my-service.*.terraform.io"] } } }
# Weighted Forward action
resource "aws_lb_listener_rule" "host_based_routing" {
listener_arn = aws_lb_listener.front_end.arn
priority = 99
action {
type = "forward"
forward {
target_group {
arn = aws_lb_target_group.main.arn
weight = 80
}
target_group {
arn = aws_lb_target_group.canary.arn
weight = 20
}
stickiness {
enabled = true
duration = 600
}
}
}
condition {
host_header {
values = ["my-service.*.terraform.io"]
}
}
}
# Redirect action
resource "aws_lb_listener_rule" "redirect_http_to_https" {
listener_arn = aws_lb_listener.front_end.arn
action {
type = "redirect"
redirect {
port = "443"
protocol = "HTTPS"
status_code = "HTTP_301"
}
}
condition {
http_header {
http_header_name = "X-Forwarded-For"
values = ["192.168.1.*"]
}
}
}
# Fixed-response action
resource "aws_lb_listener_rule" "health_check" {
listener_arn = aws_lb_listener.front_end.arn
action {
type = "fixed-response"
fixed_response {
content_type = "text/plain"
message_body = "HEALTHY"
status_code = "200"
}
}
condition {
query_string {
key = "health"
value = "check"
}
query_string {
value = "bar"
}
}
}
# Authenticate-cognito Action
resource "aws_cognito_user_pool" "pool" {
# ...
}
resource "aws_cognito_user_pool_client" "client" {
# ...
}
resource "aws_cognito_user_pool_domain" "domain" {
# ...
}
resource "aws_lb_listener_rule" "admin" {
listener_arn = aws_lb_listener.front_end.arn
action {
type = "authenticate-cognito"
authenticate_cognito {
user_pool_arn = aws_cognito_user_pool.pool.arn
user_pool_client_id = aws_cognito_user_pool_client.client.id
user_pool_domain = aws_cognito_user_pool_domain.domain.domain
}
}
action {
type = "forward"
target_group_arn = aws_lb_target_group.static.arn
}
}
# Authenticate-oidc Action
resource "aws_lb_listener_rule" "oidc" {
listener_arn = aws_lb_listener.front_end.arn
action {
type = "authenticate-oidc"
authenticate_oidc {
authorization_endpoint = "https://example.com/authorization_endpoint"
client_id = "client_id"
client_secret = "client_secret"
issuer = "https://example.com"
token_endpoint = "https://example.com/token_endpoint"
user_info_endpoint = "https://example.com/user_info_endpoint"
}
}
action {
type = "forward"
target_group_arn = aws_lb_target_group.static.arn
}
}
Related terms[edit]
AWS::ElasticLoadBalancingV2::Listener- Terraform resource:
aws_lb_target_group - aws_security_group_rule
- authenticate-cognito
arn:aws:elasticloadbalancingpath_patternin Cloudfront
See also[edit]
- Terraform LB:
aws_lb: drop_invalid_header_fields - Terraform AWS resources: IAM, Net, EC2, ECS, ECR, S3, Route53, ACM, CloudWatch, CloudFront SES, RDS, DLM
Advertising:
