Elastic Load Balancing
Application Load Balancers

Create a Listener for Your Application Load Balancer

A listener is a process that checks for connection requests. You define a listener when you create your load balancer, and you can add listeners to your load balancer at any time.


  • To add a forward action to the default listener rule, you must specify an available target group. For more information, see Create a Target Group.

  • To create an HTTPS listener, you must specify a certificate and a security policy. The load balancer uses the certificate to terminate the connection and decrypt requests from clients before routing them to targets. For more information, see SSL Certificates. The load balancer uses the security policy when negotiating SSL connections with the clients. For more information, see Security Policies.

Add a Listener

You configure a listener with a protocol and a port for connections from clients to the load balancer, and a target group for the default listener rule. For more information, see Listener Configuration.

To add a listener using the console

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

  2. On the navigation pane, under LOAD BALANCING, choose Load Balancers.

  3. Select a load balancer, and choose Listeners, Add listener.

  4. For Protocol : port, choose HTTP or HTTPS. Keep the default port or type a different port.

  5. (Optional, HTTPS listeners) To authenticate users, for Default actions, choose Add action, Authenticate and provide the requested information. To save the action, choose the checkmark icon. For more information, see Authenticate Users Using an Application Load Balancer.

  6. For Default actions, do one of the following:

    • Choose Add action, Forward to and choose a target group.

    • Choose Add action, Redirect to and provide the URL for the redirect. For more information, see Redirect Actions.

    • Choose Add action, Return fixed response and provide a response code and optional response body. For more information, see Fixed-Response Actions.

    To save the action, choose the checkmark icon.

  7. [HTTPS listeners] For Security policy, we recommend that you keep the default security policy.

  8. [HTTPS listeners] For Default SSL certificate, do one of the following:

    • If you created or imported a certificate using AWS Certificate Manager, choose From ACM and choose the certificate.

    • If you uploaded a certificate using IAM, choose From IAM and choose the certificate.

  9. Choose Save.

  10. (Optional) To define additional listener rules that forward requests based on a path pattern or a hostname, see Add a Rule.

To add a listener using the AWS CLI

Use the create-listener command to create the listener and default rule, and the create-rule command to define additional listener rules.