ApplicationLoadBalancerProps
- class aws_cdk.aws_elasticloadbalancingv2.ApplicationLoadBalancerProps(*, vpc, cross_zone_enabled=None, deletion_protection=None, deny_all_igw_traffic=None, internet_facing=None, load_balancer_name=None, vpc_subnets=None, client_keep_alive=None, desync_mitigation_mode=None, drop_invalid_header_fields=None, http2_enabled=None, idle_timeout=None, ip_address_type=None, preserve_host_header=None, preserve_xff_client_port=None, security_group=None, waf_fail_open=None, x_amzn_tls_version_and_cipher_suite_headers=None, xff_header_processing_mode=None)
Bases:
BaseLoadBalancerProps
Properties for defining an Application Load Balancer.
- Parameters:
vpc (
IVpc
) – The VPC network to place the load balancer in.cross_zone_enabled (
Optional
[bool
]) – Indicates whether cross-zone load balancing is enabled. Default: - false for Network Load Balancers and true for Application Load Balancers. This can not befalse
for Application Load Balancers.deletion_protection (
Optional
[bool
]) – Indicates whether deletion protection is enabled. Default: falsedeny_all_igw_traffic (
Optional
[bool
]) – Indicates whether the load balancer blocks traffic through the Internet Gateway (IGW). Default: - false for internet-facing load balancers and true for internal load balancersinternet_facing (
Optional
[bool
]) – Whether the load balancer has an internet-routable address. Default: falseload_balancer_name (
Optional
[str
]) – Name of the load balancer. Default: - Automatically generated name.vpc_subnets (
Union
[SubnetSelection
,Dict
[str
,Any
],None
]) – Which subnets place the load balancer in. Default: - the Vpc default strategy.client_keep_alive (
Optional
[Duration
]) – The client keep alive duration. The valid range is 60 to 604800 seconds (1 minute to 7 days). Default: - Duration.seconds(3600)desync_mitigation_mode (
Optional
[DesyncMitigationMode
]) – Determines how the load balancer handles requests that might pose a security risk to your application. Default: DesyncMitigationMode.DEFENSIVEdrop_invalid_header_fields (
Optional
[bool
]) – Indicates whether HTTP headers with invalid header fields are removed by the load balancer (true) or routed to targets (false). Default: falsehttp2_enabled (
Optional
[bool
]) – Indicates whether HTTP/2 is enabled. Default: trueidle_timeout (
Optional
[Duration
]) – The load balancer idle timeout, in seconds. Default: 60ip_address_type (
Optional
[IpAddressType
]) – The type of IP addresses to use. Default: IpAddressType.IPV4preserve_host_header (
Optional
[bool
]) – Indicates whether the Application Load Balancer should preserve the host header in the HTTP request and send it to the target without any change. Default: falsepreserve_xff_client_port (
Optional
[bool
]) – Indicates whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer. Default: falsesecurity_group (
Optional
[ISecurityGroup
]) – Security group to associate with this load balancer. Default: A security group is createdwaf_fail_open (
Optional
[bool
]) – Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Default: falsex_amzn_tls_version_and_cipher_suite_headers (
Optional
[bool
]) – Indicates whether the two headers (x-amzn-tls-version and x-amzn-tls-cipher-suite), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The x-amzn-tls-version header has information about the TLS protocol version negotiated with the client, and the x-amzn-tls-cipher-suite header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. Default: falsexff_header_processing_mode (
Optional
[XffHeaderProcessingMode
]) – Enables you to modify, preserve, or remove the X-Forwarded-For header in the HTTP request before the Application Load Balancer sends the request to the target. Default: XffHeaderProcessingMode.APPEND
- See:
- ExampleMetadata:
infused
Example:
from aws_cdk.aws_autoscaling import AutoScalingGroup # asg: AutoScalingGroup # vpc: ec2.Vpc # Create the load balancer in a VPC. 'internetFacing' is 'false' # by default, which creates an internal load balancer. lb = elbv2.ApplicationLoadBalancer(self, "LB", vpc=vpc, internet_facing=True ) # Add a listener and open up the load balancer's security group # to the world. listener = lb.add_listener("Listener", port=80, # 'open: true' is the default, you can leave it out if you want. Set it # to 'false' and use `listener.connections` if you want to be selective # about who can access the load balancer. open=True ) # Create an AutoScaling group and add it as a load balancing # target to the listener. listener.add_targets("ApplicationFleet", port=8080, targets=[asg] )
Attributes
- client_keep_alive
The client keep alive duration.
The valid range is 60 to 604800 seconds (1 minute to 7 days).
- Default:
Duration.seconds(3600)
- cross_zone_enabled
Indicates whether cross-zone load balancing is enabled.
- Default:
false for Network Load Balancers and true for Application Load Balancers.
This can not be
false
for Application Load Balancers.
- deletion_protection
Indicates whether deletion protection is enabled.
- Default:
false
- deny_all_igw_traffic
Indicates whether the load balancer blocks traffic through the Internet Gateway (IGW).
- Default:
false for internet-facing load balancers and true for internal load balancers
- desync_mitigation_mode
Determines how the load balancer handles requests that might pose a security risk to your application.
- Default:
DesyncMitigationMode.DEFENSIVE
- drop_invalid_header_fields
Indicates whether HTTP headers with invalid header fields are removed by the load balancer (true) or routed to targets (false).
- Default:
false
- http2_enabled
Indicates whether HTTP/2 is enabled.
- Default:
true
- idle_timeout
The load balancer idle timeout, in seconds.
- Default:
60
- internet_facing
Whether the load balancer has an internet-routable address.
- Default:
false
- ip_address_type
The type of IP addresses to use.
- Default:
IpAddressType.IPV4
- load_balancer_name
Name of the load balancer.
- Default:
Automatically generated name.
- preserve_host_header
Indicates whether the Application Load Balancer should preserve the host header in the HTTP request and send it to the target without any change.
- Default:
false
- preserve_xff_client_port
Indicates whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer.
- Default:
false
- security_group
Security group to associate with this load balancer.
- Default:
A security group is created
- vpc
The VPC network to place the load balancer in.
- vpc_subnets
Which subnets place the load balancer in.
- Default:
the Vpc default strategy.
- waf_fail_open
Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF.
- Default:
false
- x_amzn_tls_version_and_cipher_suite_headers
Indicates whether the two headers (x-amzn-tls-version and x-amzn-tls-cipher-suite), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target.
The x-amzn-tls-version header has information about the TLS protocol version negotiated with the client, and the x-amzn-tls-cipher-suite header has information about the cipher suite negotiated with the client.
Both headers are in OpenSSL format.
- Default:
false
- xff_header_processing_mode
Enables you to modify, preserve, or remove the X-Forwarded-For header in the HTTP request before the Application Load Balancer sends the request to the target.
- Default:
XffHeaderProcessingMode.APPEND