aws::network-load-balancer-listener

Example

aws::network-load-balancer-listener listener-example
    port: "80"
    protocol: "TCP"
    nlb: $(aws::network-load-balancer nlb-example | load-balancer)

    default-action
        target-group-arn: $(aws::load-balancer-target-group target-group-example | target-group-arn)
        type: "forward"
    end
end

Attributes

Attribute Description
certificate list subresource
    List of certificates associated with the listener.

    arn
        ARN of the certificate. (Required)
    is-default
        Determines if the certificate is default.

default-certificate
    The default certificate ARN associated with the listener. Required with HTTPS protocol.

port
    Connection port between client and the load balancer. (Required)

protocol
    Connection protocol between client and the load balancer. (Required)

ssl-policy
    Security policy that defines supported protocols and ciphers.

default-action subresource
    The default action associated with the listener. (Required)

    target-group
        The target group that this action is associated with.
    type
        The type of action to perform. (Required)

    authenticate-cognito-action subresource
        Authentication through user pools supported by Amazon Cognito.

        extra-params map
            Up to 10 query parameters to include in the redirect request to the authorization endpoint.
        on-unauthenticated-request
            The behavior if the user is not authenticated. Defaults to authenticate.
        scope
            The set of user claims to be requested from the IdP. Defaults to openid.
        session-cookie-name
            The name of the cookie used to maintain session information. Defaults to AWSELBAuthSessionCookie.
        session-timeout
            The maximum duration of the authentication session. Defaults to 604800 seconds.
        user-pool-arn
            The ARN of the Cognito user pool associated with the action.
        user-pool-client
            The Cognito user pool client resource associated with the action.
        user-pool-domain
            The user pool domain resource associated with the user pool.

    authenticate-oidc-action subresource
        Authentication through a provider that is OpenID Connect (OIDC) compliant.

        extra-params map
            Up to 10 query parameters to include in the redirect request to the authorization endpoint.
        authorization-endpoint
            The authorization endpoint of the IdP.
        client-id
            The OAuth 2.0 client identifier.
        client-secret
            The OAuth 2.0 client secret. Required if creating a rule.
        issuer
            The OIDC issuer identifier of the IdP.
        on-unauthenticated-request
            The behavior if the user is not authenticated. Defaults to authenticate.
        scope
            The set of user claims to be requested from the IdP. Defaults to openid.
        session-cookie-name
            The name of the cookie used to maintain session information. Defaults to AWSELBAuthSessionCookie.
        session-timeout
            The maximum duration of the authentication session. Defaults to 604800 seconds.
        token-endpoint
            The token endpoint of the IdP.
        user-info-endpoint
            The user token endpoint of the IdP.

    fixed-response-action subresource
        Used to specify a custom response for an action.

        content-type
            The content type.
        message-body
            The message.
        status-code
            The status code.

    order
        The order in which the action should take place.

    redirect-action subresource
        Redirect requests from one URL to another.

        host
            The hostname.
        path
            The absolute path starting with “/”.
        port
            The port.
        protocol
            The protocol.
        query
            The query parameters.
        status-code
            The HTTP redirect code.

nlb
    The NLB that the listener is attached to. (Required)
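
The example at the top of this page listens on plain TCP port 80. The following is an added example, not part of the original documentation, showing a TLS-terminating listener that sets the ssl-policy and default-certificate attributes described above. It reuses the resource names and default-action layout from the page's example; the certificate ARN is a placeholder, and the "TLS" protocol value and the policy name are AWS values assumed to be accepted by this resource.

```gyro
# Added example (not from the original documentation).
aws::network-load-balancer-listener listener-tls-example
    port: "443"
    # Assumption: "TLS" is the AWS protocol value for a TLS-terminating NLB listener.
    protocol: "TLS"
    nlb: $(aws::network-load-balancer nlb-example | load-balancer)

    # Assumption: an AWS predefined security policy name; it pins the
    # protocol versions and ciphers the listener negotiates.
    ssl-policy: "ELBSecurityPolicy-TLS13-1-2-2021-06"

    # Placeholder ARN; replace with the ARN of the certificate to serve.
    default-certificate: "arn:aws:acm:REGION:ACCOUNT-ID:certificate/PLACEHOLDER"

    default-action
        target-group-arn: $(aws::load-balancer-target-group target-group-example | target-group-arn)
        type: "forward"
    end
end
```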

Outputs

Attribute Description
arn
    The ARN of the listener.