AWS::ElasticLoadBalancingV2::Listener - AWS CloudFormation

AWS::ElasticLoadBalancingV2::Listener

Specifies a listener for an Application Load Balancer or Network Load Balancer.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::ElasticLoadBalancingV2::Listener", "Properties" : { "AlpnPolicy" : [ String, ... ], "Certificates" : [ Certificate, ... ], "DefaultActions" : [ Action, ... ], "LoadBalancerArn" : String, "Port" : Integer, "Protocol" : String, "SslPolicy" : String } }

YAML

Type: AWS::ElasticLoadBalancingV2::Listener Properties: AlpnPolicy: - String Certificates: - Certificate DefaultActions: - Action LoadBalancerArn: String Port: Integer Protocol: String SslPolicy: String

Properties

AlpnPolicy

[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy.

Required: No

Type: List of String

Update requires: No interruption

Certificates

The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.

To create a certificate list for a secure listener, use AWS::ElasticLoadBalancingV2::ListenerCertificate.

Required: Conditional

Type: List of Certificate

Update requires: No interruption

DefaultActions

The actions for the default rule. You cannot define a condition for a default rule.

To create additional rules for an Application Load Balancer, use AWS::ElasticLoadBalancingV2::ListenerRule.

Required: Yes

Type: List of Action

Update requires: No interruption

LoadBalancerArn

The Amazon Resource Name (ARN) of the load balancer.

Required: Yes

Type: String

Update requires: Replacement

Port

The port on which the load balancer is listening. You cannot specify a port for a Gateway Load Balancer.

Required: No

Type: Integer

Minimum: 1

Maximum: 65535

Update requires: No interruption

Protocol

The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can’t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You cannot specify a protocol for a Gateway Load Balancer.

Required: No

Type: String

Allowed values: GENEVE | HTTP | HTTPS | TCP | TCP_UDP | TLS | UDP

Update requires: No interruption

SslPolicy

[HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported.

For more information, see Security policies in the Application Load Balancers Guide and Security policies in the Network Load Balancers Guide.

Required: No

Type: String

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the Amazon Resource Name (ARN) of the listener.

For more information about using the Ref function, see Ref.

Fn::GetAtt

ListenerArn

Not currently supported by AWS CloudFormation.

Examples

The following example creates a listener with a default action that redirects HTTP requests on port 80 to HTTPS requests on port 443, retaining the original host name, path, and query string.

YAML

HTTPlistener: Type: "AWS::ElasticLoadBalancingV2::Listener" Properties: DefaultActions: - Type: "redirect" RedirectConfig: Protocol: "HTTPS" Port: "443" Host: "#{host}" Path: "/#{path}" Query: "#{query}" StatusCode: "HTTP_301" LoadBalancerArn: !Ref myLoadBalancer Port: 80 Protocol: "HTTP"

JSON

"HTTPlistener": { "Type": "AWS::ElasticLoadBalancingV2::Listener", "Properties": { "DefaultActions": [ { "Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "Host": "#{host}", "Path": "/#{path}", "Query": "#{query}", "StatusCode": "HTTP_301" } } ], "LoadBalancerArn": { "Ref": "myLoadBalancer" }, "Port": 80, "Protocol": "HTTP" } }

See also

  • CreateListener in the Elastic Load Balancing API Reference (version 2015-12-01)

  • Listeners in the User Guide for Application Load Balancers

  • Listeners in the User Guide for Network Load Balancers