| action list subresource |
List of actions associated with the rule. (Required)
- authenticate-cognito-action subresource
Authentication through user pools supported by Amazon Cognito. Cannot be set if any of authenticate-oidc-action, fixed-response-action, forward-action or redirect-action is set.
- extra-params map
- Up to 10 query parameters to include in the redirect request to the authorization endpoint.
- on-unauthenticated-request
The behavior if the use is not authenticated.
Defaults to authenticate.
- scope
- The set of user claims to be request from th IdP. Defaults to
openid.
- session-cookie-name
- The name of the cookie used to maintain session information. Defaults to
AWSELBAuthSessionCookie.
- session-timeout
- The maximum duration of the authentication session. Defaults to 604800 seconds.
- user-pool-arn
- The arn of the cognito user pool associated with the action.
- user-pool-client
- The cognito user pool client resource associated with the action.
- user-pool-domain
- The user pool domain resource associated with the user pool.
- authenticate-oidc-action subresource
Authentication through provider that is OpenID Connect (OIDC) compliant. Cannot be set if any of authenticate-cognito-action, fixed-response-action, forward-action or redirect-action is set.
- extra-params map
- Up to 10 query parameters to include in the redirect request to the authorization endpoint.
- authorization-endpoint
- The authorization endpoint of the IdP.
- client-id
- The OAuth 2.0 client identifier.
- client-secret
- The OAuth 2.0 client secret. Required if creating a rule.
- issuer
- The OIDC issuer identifier of the IdP.
- on-unauthenticated-request
The behavior if the use is not authenticated.
Defaults to authenticate.
- scope
- The set of user claims to be request from th IdP. Defaults to
openid.
- session-cookie-name
- The name of the cookie used to maintain session information. Defaults to
AWSELBAuthSessionCookie.
- session-timeout
- The maximum duration of the authentication session. Defaults to 604800 seconds.
- token-endpoint
- The token endpoint of the IdP.
- user-info-endpoint
- The user token endpoint of the IdP.
- forward-action subresource
Action to support multiple ALB Target groups. If both this field and {@link TargetGroupResource}
are defined, they must match and only will support a single target. This field should be used
when forward weights should be used. Cannot be set if any of authenticate-cognito-action, authenticate-oidc-action, fixed-response-action or redirect-action is set.
- target-group-weight list subresource
The list of target groups and their associated weight for forwarding.
- target-group
- The target group to which requests are forwarded
- weight
The weight of the ratio of requests forwarded to the given target group.
The ratio is this weight / total weights from all target groups configured
- target-group-stickiness subresource
The configuration to determine if subsequent requests should stay with the same target group.
- enabled
- When set to
true, the requests will be directed to the same target group
- duration
- The amount of time for which requests should be directed to the same target group
- fixed-response-action subresource
Used to specify a custom response for an action. Cannot be set if any of authenticate-cognito-action, authenticate-oidc-action, forward-action or redirect-action is set.
- content-type
- The content type.
- message-body
- The message.
- status-code
- The status code.
- order
- The order in which the action should take place.
- redirect-action subresource
Redirect requests from one URL to another. Cannot be set if any of authenticate-cognito-action, authenticate-oidc-action, fixed-response-action or forward-action is set.
- host
- The hostname.
- path
- The absolute path starting with “/”.
- port
- The port.
- protocol
- The protocol.
- query
- The query parameters.
- status-code
- The HTTP redirect code.
- validate list
- Actions can only have a single type configured.
|
| condition list subresource |
List of conditions associated with the rule. (Required)
- host-header-config
- The information for a host header condition. Cannot be set if any of
value, field, http-header-config, http-request-method-config, path-pattern-config, query-string-config or source-ip-config is set.
- http-header-config
- The information for an HTTP header condition. Cannot be set if any of
host-header-config, http-request-method-config, path-pattern-config, query-string-config or source-ip-config is set.
- http-request-method-config
- The information for an HTTP method condition. Cannot be set if any of
host-header-config, http-header-config, path-pattern-config, query-string-config or source-ip-config is set.
- path-pattern-config
- The information for a path pattern condition. Cannot be set if any of
host-header-config, http-header-config, http-request-method-config, query-string-config or source-ip-config is set.
- query-string-config
- The information for a query string condition. Cannot be set if any of
host-header-config, http-header-config, http-request-method-config, path-pattern-config or source-ip-config is set.
- source-ip-config
- The information for a source IP condition. Cannot be set if any of
host-header-config, http-header-config, http-request-method-config, path-pattern-config or query-string-config is set.
|