ApplicationLoadBalancerProps

class aws_cdk.aws_elasticloadbalancingv2.ApplicationLoadBalancerProps(*, vpc, cross_zone_enabled=None, deletion_protection=None, deny_all_igw_traffic=None, internet_facing=None, load_balancer_name=None, vpc_subnets=None, client_keep_alive=None, desync_mitigation_mode=None, drop_invalid_header_fields=None, http2_enabled=None, idle_timeout=None, ip_address_type=None, preserve_host_header=None, preserve_xff_client_port=None, security_group=None, waf_fail_open=None, x_amzn_tls_version_and_cipher_suite_headers=None, xff_header_processing_mode=None)

Bases: BaseLoadBalancerProps

Properties for defining an Application Load Balancer.

Parameters:
  • vpc (IVpc) – The VPC network to place the load balancer in.

  • cross_zone_enabled (Optional[bool]) – Indicates whether cross-zone load balancing is enabled. Default: false for Network Load Balancers and true for Application Load Balancers.

  • deletion_protection (Optional[bool]) – Indicates whether deletion protection is enabled. Default: false

  • deny_all_igw_traffic (Optional[bool]) – Indicates whether the load balancer blocks traffic through the Internet Gateway (IGW). Default: false for internet-facing load balancers and true for internal load balancers

  • internet_facing (Optional[bool]) – Whether the load balancer has an internet-routable address. Default: false

  • load_balancer_name (Optional[str]) – Name of the load balancer. Default: Automatically generated name.

  • vpc_subnets (Union[SubnetSelection, Dict[str, Any], None]) – Which subnets to place the load balancer in. Default: the Vpc default strategy.

  • client_keep_alive (Optional[Duration]) – The client keep alive duration. The valid range is 60 to 604800 seconds (1 minute to 7 days). Default: Duration.seconds(3600)

  • desync_mitigation_mode (Optional[DesyncMitigationMode]) – Determines how the load balancer handles requests that might pose a security risk to your application. Default: DesyncMitigationMode.DEFENSIVE

  • drop_invalid_header_fields (Optional[bool]) – Indicates whether HTTP headers with invalid header fields are removed by the load balancer (true) or routed to targets (false). Default: false

  • http2_enabled (Optional[bool]) – Indicates whether HTTP/2 is enabled. Default: true

  • idle_timeout (Optional[Duration]) – The load balancer idle timeout, in seconds. Default: 60

  • ip_address_type (Optional[IpAddressType]) – The type of IP addresses to use. Default: IpAddressType.IPV4

  • preserve_host_header (Optional[bool]) – Indicates whether the Application Load Balancer should preserve the host header in the HTTP request and send it to the target without any change. Default: false

  • preserve_xff_client_port (Optional[bool]) – Indicates whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer. Default: false

  • security_group (Optional[ISecurityGroup]) – Security group to associate with this load balancer. Default: A security group is created

  • waf_fail_open (Optional[bool]) – Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Default: false

  • x_amzn_tls_version_and_cipher_suite_headers (Optional[bool]) – Indicates whether the two headers (x-amzn-tls-version and x-amzn-tls-cipher-suite), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The x-amzn-tls-version header has information about the TLS protocol version negotiated with the client, and the x-amzn-tls-cipher-suite header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. Default: false

  • xff_header_processing_mode (Optional[XffHeaderProcessingMode]) – Enables you to modify, preserve, or remove the X-Forwarded-For header in the HTTP request before the Application Load Balancer sends the request to the target. Default: XffHeaderProcessingMode.APPEND

See:

https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#load-balancer-attributes

Example:

from aws_cdk import aws_ec2 as ec2
from aws_cdk import aws_elasticloadbalancingv2 as elbv2
from aws_cdk.aws_autoscaling import AutoScalingGroup

# asg: AutoScalingGroup
# vpc: ec2.Vpc


# Create the load balancer in a VPC. 'internet_facing' is 'False'
# by default, which creates an internal load balancer.
lb = elbv2.ApplicationLoadBalancer(self, "LB",
    vpc=vpc,
    internet_facing=True
)

# Add a listener and open up the load balancer's security group
# to the world.
listener = lb.add_listener("Listener",
    port=80,

    # 'open=True' is the default, you can leave it out if you want. Set it
    # to 'False' and use `listener.connections` if you want to be selective
    # about who can access the load balancer.
    open=True
)

# Create an AutoScaling group and add it as a load balancing
# target to the listener.
listener.add_targets("ApplicationFleet",
    port=8080,
    targets=[asg]
)
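
A check a reviewer could run over `cdk synth` output, as an added example that is not part of the CDK documentation: it maps four of the props above to the load balancer attribute keys they set in the CloudFormation template and reports effective values outside a baseline. The baseline, the sample template and its logical IDs are assumptions constructed for illustration.

```python
ALB_TYPE = "AWS::ElasticLoadBalancingV2::LoadBalancer"

# attribute key -> (CDK prop, default listed on this page, accepted values).
# The accepted values are an assumed baseline, not an AWS or CDK requirement.
CHECKS = {
    "routing.http.drop_invalid_header_fields.enabled":
        ("drop_invalid_header_fields", "false", {"true"}),
    "routing.http.desync_mitigation_mode":
        ("desync_mitigation_mode", "defensive", {"defensive", "strictest"}),
    "waf.fail_open.enabled": ("waf_fail_open", "false", {"false"}),
    "deletion_protection.enabled": ("deletion_protection", "false", {"true"}),
}

def audit_template(template):
    """Return sorted (logical_id, cdk_prop, effective_value) findings."""
    findings = []
    for logical_id, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        # CloudFormation treats a missing Type as "application".
        if res.get("Type") != ALB_TYPE or props.get("Type", "application") != "application":
            continue
        attrs = {a["Key"]: str(a["Value"]).lower()
                 for a in props.get("LoadBalancerAttributes", [])}
        for key, (prop, default, accepted) in CHECKS.items():
            value = attrs.get(key, default)  # attribute absent: default applies
            if value not in accepted:
                findings.append((logical_id, prop, value))
    return sorted(findings)

def attr(key, value):
    return {"Key": key, "Value": value}

# Constructed sample (hypothetical logical IDs), not real `cdk synth` output.
SAMPLE_TEMPLATE = {"Resources": {
    "PublicLB": {"Type": ALB_TYPE, "Properties": {
        "LoadBalancerAttributes": [
            attr("deletion_protection.enabled", "false"),
            attr("routing.http.desync_mitigation_mode", "monitor"),
            attr("waf.fail_open.enabled", "true")]}},
    "HardenedLB": {"Type": ALB_TYPE, "Properties": {
        "LoadBalancerAttributes": [
            attr("deletion_protection.enabled", "true"),
            attr("routing.http.drop_invalid_header_fields.enabled", "true"),
            attr("routing.http.desync_mitigation_mode", "strictest")]}},
}}

if __name__ == "__main__":
    for finding in audit_template(SAMPLE_TEMPLATE):
        print("%s: %s is %r" % finding)
```

An attribute that is missing from the template is evaluated at the default this page lists for the matching prop, so an unset `drop_invalid_header_fields` is reported as `false`.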

Attributes

client_keep_alive

The client keep alive duration.

The valid range is 60 to 604800 seconds (1 minute to 7 days).

Default:
  • Duration.seconds(3600)

cross_zone_enabled

Indicates whether cross-zone load balancing is enabled.

Default:
  • false for Network Load Balancers and true for Application Load Balancers.

deletion_protection

Indicates whether deletion protection is enabled.

Default:

false

deny_all_igw_traffic

Indicates whether the load balancer blocks traffic through the Internet Gateway (IGW).

Default:
  • false for internet-facing load balancers and true for internal load balancers

desync_mitigation_mode

Determines how the load balancer handles requests that might pose a security risk to your application.

Default:

DesyncMitigationMode.DEFENSIVE

drop_invalid_header_fields

Indicates whether HTTP headers with invalid header fields are removed by the load balancer (true) or routed to targets (false).

Default:

false

http2_enabled

Indicates whether HTTP/2 is enabled.

Default:

true

idle_timeout

The load balancer idle timeout, in seconds.

Default:

60

internet_facing

Whether the load balancer has an internet-routable address.

Default:

false

ip_address_type

The type of IP addresses to use.

Default:

IpAddressType.IPV4

load_balancer_name

Name of the load balancer.

Default:
  • Automatically generated name.

preserve_host_header

Indicates whether the Application Load Balancer should preserve the host header in the HTTP request and send it to the target without any change.

Default:

false

preserve_xff_client_port

Indicates whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer.

Default:

false

security_group

Security group to associate with this load balancer.

Default:

A security group is created

vpc

The VPC network to place the load balancer in.

vpc_subnets

Which subnets to place the load balancer in.

Default:
  • the Vpc default strategy.

waf_fail_open

Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF.

Default:

false

x_amzn_tls_version_and_cipher_suite_headers

Indicates whether the two headers (x-amzn-tls-version and x-amzn-tls-cipher-suite), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target.

The x-amzn-tls-version header has information about the TLS protocol version negotiated with the client, and the x-amzn-tls-cipher-suite header has information about the cipher suite negotiated with the client.

Both headers are in OpenSSL format.

Default:

false

xff_header_processing_mode

Enables you to modify, preserve, or remove the X-Forwarded-For header in the HTTP request before the Application Load Balancer sends the request to the target.

Default:

XffHeaderProcessingMode.APPEND