Documentation ¶
Index ¶
- func ApplicationListenerCertificate_IsConstruct(x interface{}) *bool
- func ApplicationListenerRule_IsConstruct(x interface{}) *bool
- func ApplicationListener_IsConstruct(x interface{}) *bool
- func ApplicationListener_IsOwnedResource(construct constructs.IConstruct) *bool
- func ApplicationListener_IsResource(construct constructs.IConstruct) *bool
- func ApplicationLoadBalancer_IsConstruct(x interface{}) *bool
- func ApplicationLoadBalancer_IsOwnedResource(construct constructs.IConstruct) *bool
- func ApplicationLoadBalancer_IsResource(construct constructs.IConstruct) *bool
- func ApplicationTargetGroup_IsConstruct(x interface{}) *bool
- func BaseListener_IsConstruct(x interface{}) *bool
- func BaseListener_IsOwnedResource(construct constructs.IConstruct) *bool
- func BaseListener_IsResource(construct constructs.IConstruct) *bool
- func BaseLoadBalancer_IsConstruct(x interface{}) *bool
- func BaseLoadBalancer_IsOwnedResource(construct constructs.IConstruct) *bool
- func BaseLoadBalancer_IsResource(construct constructs.IConstruct) *bool
- func CfnListenerCertificate_CFN_RESOURCE_TYPE_NAME() *string
- func CfnListenerCertificate_IsCfnElement(x interface{}) *bool
- func CfnListenerCertificate_IsCfnResource(x interface{}) *bool
- func CfnListenerCertificate_IsConstruct(x interface{}) *bool
- func CfnListenerRule_CFN_RESOURCE_TYPE_NAME() *string
- func CfnListenerRule_IsCfnElement(x interface{}) *bool
- func CfnListenerRule_IsCfnResource(x interface{}) *bool
- func CfnListenerRule_IsConstruct(x interface{}) *bool
- func CfnListener_CFN_RESOURCE_TYPE_NAME() *string
- func CfnListener_IsCfnElement(x interface{}) *bool
- func CfnListener_IsCfnResource(x interface{}) *bool
- func CfnListener_IsConstruct(x interface{}) *bool
- func CfnLoadBalancer_CFN_RESOURCE_TYPE_NAME() *string
- func CfnLoadBalancer_IsCfnElement(x interface{}) *bool
- func CfnLoadBalancer_IsCfnResource(x interface{}) *bool
- func CfnLoadBalancer_IsConstruct(x interface{}) *bool
- func CfnTargetGroup_CFN_RESOURCE_TYPE_NAME() *string
- func CfnTargetGroup_IsCfnElement(x interface{}) *bool
- func CfnTargetGroup_IsCfnResource(x interface{}) *bool
- func CfnTargetGroup_IsConstruct(x interface{}) *bool
- func CfnTrustStoreRevocation_CFN_RESOURCE_TYPE_NAME() *string
- func CfnTrustStoreRevocation_IsCfnElement(x interface{}) *bool
- func CfnTrustStoreRevocation_IsCfnResource(x interface{}) *bool
- func CfnTrustStoreRevocation_IsConstruct(x interface{}) *bool
- func CfnTrustStore_CFN_RESOURCE_TYPE_NAME() *string
- func CfnTrustStore_IsCfnElement(x interface{}) *bool
- func CfnTrustStore_IsCfnResource(x interface{}) *bool
- func CfnTrustStore_IsConstruct(x interface{}) *bool
- func NetworkListener_IsConstruct(x interface{}) *bool
- func NetworkListener_IsOwnedResource(construct constructs.IConstruct) *bool
- func NetworkListener_IsResource(construct constructs.IConstruct) *bool
- func NetworkLoadBalancer_IsConstruct(x interface{}) *bool
- func NetworkLoadBalancer_IsOwnedResource(construct constructs.IConstruct) *bool
- func NetworkLoadBalancer_IsResource(construct constructs.IConstruct) *bool
- func NetworkTargetGroup_IsConstruct(x interface{}) *bool
- func NewApplicationListenerCertificate_Override(a ApplicationListenerCertificate, scope constructs.Construct, id *string, ...)
- func NewApplicationListenerRule_Override(a ApplicationListenerRule, scope constructs.Construct, id *string, ...)
- func NewApplicationListener_Override(a ApplicationListener, scope constructs.Construct, id *string, ...)
- func NewApplicationLoadBalancer_Override(a ApplicationLoadBalancer, scope constructs.Construct, id *string, ...)
- func NewApplicationTargetGroup_Override(a ApplicationTargetGroup, scope constructs.Construct, id *string, ...)
- func NewBaseListener_Override(b BaseListener, scope constructs.Construct, id *string, ...)
- func NewBaseLoadBalancer_Override(b BaseLoadBalancer, scope constructs.Construct, id *string, ...)
- func NewCfnListenerCertificate_Override(c CfnListenerCertificate, scope constructs.Construct, id *string, ...)
- func NewCfnListenerRule_Override(c CfnListenerRule, scope constructs.Construct, id *string, ...)
- func NewCfnListener_Override(c CfnListener, scope constructs.Construct, id *string, props *CfnListenerProps)
- func NewCfnLoadBalancer_Override(c CfnLoadBalancer, scope constructs.Construct, id *string, ...)
- func NewCfnTargetGroup_Override(c CfnTargetGroup, scope constructs.Construct, id *string, ...)
- func NewCfnTrustStoreRevocation_Override(c CfnTrustStoreRevocation, scope constructs.Construct, id *string, ...)
- func NewCfnTrustStore_Override(c CfnTrustStore, scope constructs.Construct, id *string, ...)
- func NewListenerAction_Override(l ListenerAction, defaultActionJson *CfnListener_ActionProperty, ...)
- func NewListenerCertificate_Override(l ListenerCertificate, certificateArn *string)
- func NewListenerCondition_Override(l ListenerCondition)
- func NewNetworkListenerAction_Override(n NetworkListenerAction, defaultActionJson *CfnListener_ActionProperty, ...)
- func NewNetworkListener_Override(n NetworkListener, scope constructs.Construct, id *string, ...)
- func NewNetworkLoadBalancer_Override(n NetworkLoadBalancer, scope constructs.Construct, id *string, ...)
- func NewNetworkTargetGroup_Override(n NetworkTargetGroup, scope constructs.Construct, id *string, ...)
- func NewTargetGroupBase_Override(t TargetGroupBase, scope constructs.Construct, id *string, ...)
- func NewTrustStoreRevocation_Override(t TrustStoreRevocation, scope constructs.Construct, id *string, ...)
- func NewTrustStore_Override(t TrustStore, scope constructs.Construct, id *string, props *TrustStoreProps)
- func TargetGroupBase_IsConstruct(x interface{}) *bool
- func TrustStoreRevocation_IsConstruct(x interface{}) *bool
- func TrustStoreRevocation_IsOwnedResource(construct constructs.IConstruct) *bool
- func TrustStoreRevocation_IsResource(construct constructs.IConstruct) *bool
- func TrustStore_IsConstruct(x interface{}) *bool
- func TrustStore_IsOwnedResource(construct constructs.IConstruct) *bool
- func TrustStore_IsResource(construct constructs.IConstruct) *bool
- type AddApplicationActionProps
- type AddApplicationTargetGroupsProps
- type AddApplicationTargetsProps
- type AddNetworkActionProps
- type AddNetworkTargetsProps
- type AddRuleProps
- type AlpnPolicy
- type ApplicationListener
- type ApplicationListenerAttributes
- type ApplicationListenerCertificate
- type ApplicationListenerCertificateProps
- type ApplicationListenerLookupOptions
- type ApplicationListenerProps
- type ApplicationListenerRule
- type ApplicationListenerRuleProps
- type ApplicationLoadBalancer
- type ApplicationLoadBalancerAttributes
- type ApplicationLoadBalancerLookupOptions
- type ApplicationLoadBalancerProps
- type ApplicationLoadBalancerRedirectConfig
- type ApplicationProtocol
- type ApplicationProtocolVersion
- type ApplicationTargetGroup
- type ApplicationTargetGroupProps
- type AuthenticateOidcOptions
- type BaseApplicationListenerProps
- type BaseApplicationListenerRuleProps
- type BaseListener
- type BaseListenerLookupOptions
- type BaseLoadBalancer
- type BaseLoadBalancerLookupOptions
- type BaseLoadBalancerProps
- type BaseNetworkListenerProps
- type BaseTargetGroupProps
- type CfnListener
- type CfnListenerCertificate
- type CfnListenerCertificateProps
- type CfnListenerCertificate_CertificateProperty
- type CfnListenerProps
- type CfnListenerRule
- type CfnListenerRuleProps
- type CfnListenerRule_ActionProperty
- type CfnListenerRule_AuthenticateCognitoConfigProperty
- type CfnListenerRule_AuthenticateOidcConfigProperty
- type CfnListenerRule_FixedResponseConfigProperty
- type CfnListenerRule_ForwardConfigProperty
- type CfnListenerRule_HostHeaderConfigProperty
- type CfnListenerRule_HttpHeaderConfigProperty
- type CfnListenerRule_HttpRequestMethodConfigProperty
- type CfnListenerRule_PathPatternConfigProperty
- type CfnListenerRule_QueryStringConfigProperty
- type CfnListenerRule_QueryStringKeyValueProperty
- type CfnListenerRule_RedirectConfigProperty
- type CfnListenerRule_RuleConditionProperty
- type CfnListenerRule_SourceIpConfigProperty
- type CfnListenerRule_TargetGroupStickinessConfigProperty
- type CfnListenerRule_TargetGroupTupleProperty
- type CfnListener_ActionProperty
- type CfnListener_AuthenticateCognitoConfigProperty
- type CfnListener_AuthenticateOidcConfigProperty
- type CfnListener_CertificateProperty
- type CfnListener_FixedResponseConfigProperty
- type CfnListener_ForwardConfigProperty
- type CfnListener_MutualAuthenticationProperty
- type CfnListener_RedirectConfigProperty
- type CfnListener_TargetGroupStickinessConfigProperty
- type CfnListener_TargetGroupTupleProperty
- type CfnLoadBalancer
- type CfnLoadBalancerProps
- type CfnLoadBalancer_LoadBalancerAttributeProperty
- type CfnLoadBalancer_SubnetMappingProperty
- type CfnTargetGroup
- type CfnTargetGroupProps
- type CfnTargetGroup_MatcherProperty
- type CfnTargetGroup_TargetDescriptionProperty
- type CfnTargetGroup_TargetGroupAttributeProperty
- type CfnTrustStore
- type CfnTrustStoreProps
- type CfnTrustStoreRevocation
- type CfnTrustStoreRevocationProps
- type CfnTrustStoreRevocation_RevocationContentProperty
- type CfnTrustStoreRevocation_TrustStoreRevocationProperty
- type ClientRoutingPolicy
- type DesyncMitigationMode
- type FixedResponseOptions
- type ForwardOptions
- type HealthCheck
- type HttpCodeElb
- type HttpCodeTarget
- type IApplicationListener
- type IApplicationLoadBalancer
- type IApplicationLoadBalancerMetrics
- type IApplicationLoadBalancerTarget
- type IApplicationTargetGroup
- type IApplicationTargetGroupMetrics
- type IListener
- type IListenerAction
- type IListenerCertificate
- type ILoadBalancerV2
- type INetworkListener
- type INetworkLoadBalancer
- type INetworkLoadBalancerMetrics
- type INetworkLoadBalancerTarget
- type INetworkTargetGroup
- type INetworkTargetGroupMetrics
- type ITargetGroup
- type ITrustStore
- type IpAddressType
- type ListenerAction
- func ListenerAction_AuthenticateOidc(options *AuthenticateOidcOptions) ListenerAction
- func ListenerAction_FixedResponse(statusCode *float64, options *FixedResponseOptions) ListenerAction
- func ListenerAction_Forward(targetGroups *[]IApplicationTargetGroup, options *ForwardOptions) ListenerAction
- func ListenerAction_Redirect(options *RedirectOptions) ListenerAction
- func ListenerAction_WeightedForward(targetGroups *[]*WeightedTargetGroup, options *ForwardOptions) ListenerAction
- func NewListenerAction(defaultActionJson *CfnListener_ActionProperty, next ListenerAction) ListenerAction
- type ListenerCertificate
- type ListenerCondition
- func ListenerCondition_HostHeaders(values *[]*string) ListenerCondition
- func ListenerCondition_HttpHeader(name *string, values *[]*string) ListenerCondition
- func ListenerCondition_HttpRequestMethods(values *[]*string) ListenerCondition
- func ListenerCondition_PathPatterns(values *[]*string) ListenerCondition
- func ListenerCondition_QueryStrings(values *[]*QueryStringCondition) ListenerCondition
- func ListenerCondition_SourceIps(values *[]*string) ListenerCondition
- type LoadBalancerTargetProps
- type MutualAuthentication
- type MutualAuthenticationMode
- type NetworkForwardOptions
- type NetworkListener
- type NetworkListenerAction
- func NetworkListenerAction_Forward(targetGroups *[]INetworkTargetGroup, options *NetworkForwardOptions) NetworkListenerAction
- func NetworkListenerAction_WeightedForward(targetGroups *[]*NetworkWeightedTargetGroup, options *NetworkForwardOptions) NetworkListenerAction
- func NewNetworkListenerAction(defaultActionJson *CfnListener_ActionProperty, next NetworkListenerAction) NetworkListenerAction
- type NetworkListenerLookupOptions
- type NetworkListenerProps
- type NetworkLoadBalancer
- type NetworkLoadBalancerAttributes
- type NetworkLoadBalancerLookupOptions
- type NetworkLoadBalancerProps
- type NetworkTargetGroup
- type NetworkTargetGroupProps
- type NetworkWeightedTargetGroup
- type Protocol
- type QueryStringCondition
- type RedirectOptions
- type RevocationContent
- type RevocationType
- type SslPolicy
- type TargetGroupAttributes
- type TargetGroupBase
- type TargetGroupLoadBalancingAlgorithmType
- type TargetType
- type TrustStore
- type TrustStoreProps
- type TrustStoreRevocation
- type TrustStoreRevocationProps
- type UnauthenticatedAction
- type WeightedTargetGroup
- type XffHeaderProcessingMode
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ApplicationListenerCertificate_IsConstruct ¶
func ApplicationListenerCertificate_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func ApplicationListenerRule_IsConstruct ¶
func ApplicationListenerRule_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func ApplicationListener_IsConstruct ¶
func ApplicationListener_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func ApplicationListener_IsOwnedResource ¶ added in v2.32.0
func ApplicationListener_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func ApplicationListener_IsResource ¶
func ApplicationListener_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func ApplicationLoadBalancer_IsConstruct ¶
func ApplicationLoadBalancer_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func ApplicationLoadBalancer_IsOwnedResource ¶ added in v2.32.0
func ApplicationLoadBalancer_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func ApplicationLoadBalancer_IsResource ¶
func ApplicationLoadBalancer_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func ApplicationTargetGroup_IsConstruct ¶
func ApplicationTargetGroup_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func BaseListener_IsConstruct ¶
func BaseListener_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func BaseListener_IsOwnedResource ¶ added in v2.32.0
func BaseListener_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func BaseListener_IsResource ¶
func BaseListener_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func BaseLoadBalancer_IsConstruct ¶
func BaseLoadBalancer_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func BaseLoadBalancer_IsOwnedResource ¶ added in v2.32.0
func BaseLoadBalancer_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func BaseLoadBalancer_IsResource ¶
func BaseLoadBalancer_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func CfnListenerCertificate_CFN_RESOURCE_TYPE_NAME ¶
func CfnListenerCertificate_CFN_RESOURCE_TYPE_NAME() *string
func CfnListenerCertificate_IsCfnElement ¶
func CfnListenerCertificate_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnListenerCertificate_IsCfnResource ¶
func CfnListenerCertificate_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnListenerCertificate_IsConstruct ¶
func CfnListenerCertificate_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnListenerRule_CFN_RESOURCE_TYPE_NAME ¶
func CfnListenerRule_CFN_RESOURCE_TYPE_NAME() *string
func CfnListenerRule_IsCfnElement ¶
func CfnListenerRule_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnListenerRule_IsCfnResource ¶
func CfnListenerRule_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnListenerRule_IsConstruct ¶
func CfnListenerRule_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnListener_CFN_RESOURCE_TYPE_NAME ¶
func CfnListener_CFN_RESOURCE_TYPE_NAME() *string
func CfnListener_IsCfnElement ¶
func CfnListener_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnListener_IsCfnResource ¶
func CfnListener_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnListener_IsConstruct ¶
func CfnListener_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnLoadBalancer_CFN_RESOURCE_TYPE_NAME ¶
func CfnLoadBalancer_CFN_RESOURCE_TYPE_NAME() *string
func CfnLoadBalancer_IsCfnElement ¶
func CfnLoadBalancer_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnLoadBalancer_IsCfnResource ¶
func CfnLoadBalancer_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnLoadBalancer_IsConstruct ¶
func CfnLoadBalancer_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnTargetGroup_CFN_RESOURCE_TYPE_NAME ¶
func CfnTargetGroup_CFN_RESOURCE_TYPE_NAME() *string
func CfnTargetGroup_IsCfnElement ¶
func CfnTargetGroup_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnTargetGroup_IsCfnResource ¶
func CfnTargetGroup_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnTargetGroup_IsConstruct ¶
func CfnTargetGroup_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnTrustStoreRevocation_CFN_RESOURCE_TYPE_NAME ¶ added in v2.112.0
func CfnTrustStoreRevocation_CFN_RESOURCE_TYPE_NAME() *string
func CfnTrustStoreRevocation_IsCfnElement ¶ added in v2.112.0
func CfnTrustStoreRevocation_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnTrustStoreRevocation_IsCfnResource ¶ added in v2.112.0
func CfnTrustStoreRevocation_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnTrustStoreRevocation_IsConstruct ¶ added in v2.112.0
func CfnTrustStoreRevocation_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnTrustStore_CFN_RESOURCE_TYPE_NAME ¶ added in v2.112.0
func CfnTrustStore_CFN_RESOURCE_TYPE_NAME() *string
func CfnTrustStore_IsCfnElement ¶ added in v2.112.0
func CfnTrustStore_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnTrustStore_IsCfnResource ¶ added in v2.112.0
func CfnTrustStore_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnTrustStore_IsConstruct ¶ added in v2.112.0
func CfnTrustStore_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func NetworkListener_IsConstruct ¶
func NetworkListener_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func NetworkListener_IsOwnedResource ¶ added in v2.32.0
func NetworkListener_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func NetworkListener_IsResource ¶
func NetworkListener_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func NetworkLoadBalancer_IsConstruct ¶
func NetworkLoadBalancer_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func NetworkLoadBalancer_IsOwnedResource ¶ added in v2.32.0
func NetworkLoadBalancer_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func NetworkLoadBalancer_IsResource ¶
func NetworkLoadBalancer_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func NetworkTargetGroup_IsConstruct ¶
func NetworkTargetGroup_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func NewApplicationListenerCertificate_Override ¶
func NewApplicationListenerCertificate_Override(a ApplicationListenerCertificate, scope constructs.Construct, id *string, props *ApplicationListenerCertificateProps)
func NewApplicationListenerRule_Override ¶
func NewApplicationListenerRule_Override(a ApplicationListenerRule, scope constructs.Construct, id *string, props *ApplicationListenerRuleProps)
func NewApplicationListener_Override ¶
func NewApplicationListener_Override(a ApplicationListener, scope constructs.Construct, id *string, props *ApplicationListenerProps)
func NewApplicationLoadBalancer_Override ¶
func NewApplicationLoadBalancer_Override(a ApplicationLoadBalancer, scope constructs.Construct, id *string, props *ApplicationLoadBalancerProps)
func NewApplicationTargetGroup_Override ¶
func NewApplicationTargetGroup_Override(a ApplicationTargetGroup, scope constructs.Construct, id *string, props *ApplicationTargetGroupProps)
func NewBaseListener_Override ¶
func NewBaseListener_Override(b BaseListener, scope constructs.Construct, id *string, additionalProps interface{})
func NewBaseLoadBalancer_Override ¶
func NewBaseLoadBalancer_Override(b BaseLoadBalancer, scope constructs.Construct, id *string, baseProps *BaseLoadBalancerProps, additionalProps interface{})
func NewCfnListenerCertificate_Override ¶
func NewCfnListenerCertificate_Override(c CfnListenerCertificate, scope constructs.Construct, id *string, props *CfnListenerCertificateProps)
func NewCfnListenerRule_Override ¶
func NewCfnListenerRule_Override(c CfnListenerRule, scope constructs.Construct, id *string, props *CfnListenerRuleProps)
func NewCfnListener_Override ¶
func NewCfnListener_Override(c CfnListener, scope constructs.Construct, id *string, props *CfnListenerProps)
func NewCfnLoadBalancer_Override ¶
func NewCfnLoadBalancer_Override(c CfnLoadBalancer, scope constructs.Construct, id *string, props *CfnLoadBalancerProps)
func NewCfnTargetGroup_Override ¶
func NewCfnTargetGroup_Override(c CfnTargetGroup, scope constructs.Construct, id *string, props *CfnTargetGroupProps)
func NewCfnTrustStoreRevocation_Override ¶ added in v2.112.0
func NewCfnTrustStoreRevocation_Override(c CfnTrustStoreRevocation, scope constructs.Construct, id *string, props *CfnTrustStoreRevocationProps)
func NewCfnTrustStore_Override ¶ added in v2.112.0
func NewCfnTrustStore_Override(c CfnTrustStore, scope constructs.Construct, id *string, props *CfnTrustStoreProps)
func NewListenerAction_Override ¶
func NewListenerAction_Override(l ListenerAction, defaultActionJson *CfnListener_ActionProperty, next ListenerAction)
Create an instance of ListenerAction.
The default class should be good enough for most cases and should be created by using one of the static factory functions, but allow overriding to make sure we allow flexibility for the future.
func NewListenerCertificate_Override ¶
func NewListenerCertificate_Override(l ListenerCertificate, certificateArn *string)
func NewListenerCondition_Override ¶
func NewListenerCondition_Override(l ListenerCondition)
func NewNetworkListenerAction_Override ¶
func NewNetworkListenerAction_Override(n NetworkListenerAction, defaultActionJson *CfnListener_ActionProperty, next NetworkListenerAction)
Create an instance of NetworkListenerAction.
The default class should be good enough for most cases and should be created by using one of the static factory functions, but allow overriding to make sure we allow flexibility for the future.
func NewNetworkListener_Override ¶
func NewNetworkListener_Override(n NetworkListener, scope constructs.Construct, id *string, props *NetworkListenerProps)
func NewNetworkLoadBalancer_Override ¶
func NewNetworkLoadBalancer_Override(n NetworkLoadBalancer, scope constructs.Construct, id *string, props *NetworkLoadBalancerProps)
func NewNetworkTargetGroup_Override ¶
func NewNetworkTargetGroup_Override(n NetworkTargetGroup, scope constructs.Construct, id *string, props *NetworkTargetGroupProps)
func NewTargetGroupBase_Override ¶
func NewTargetGroupBase_Override(t TargetGroupBase, scope constructs.Construct, id *string, baseProps *BaseTargetGroupProps, additionalProps interface{})
func NewTrustStoreRevocation_Override ¶ added in v2.154.0
func NewTrustStoreRevocation_Override(t TrustStoreRevocation, scope constructs.Construct, id *string, props *TrustStoreRevocationProps)
func NewTrustStore_Override ¶ added in v2.154.0
func NewTrustStore_Override(t TrustStore, scope constructs.Construct, id *string, props *TrustStoreProps)
func TargetGroupBase_IsConstruct ¶
func TargetGroupBase_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func TrustStoreRevocation_IsConstruct ¶ added in v2.154.0
func TrustStoreRevocation_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func TrustStoreRevocation_IsOwnedResource ¶ added in v2.154.0
func TrustStoreRevocation_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func TrustStoreRevocation_IsResource ¶ added in v2.154.0
func TrustStoreRevocation_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func TrustStore_IsConstruct ¶ added in v2.154.0
func TrustStore_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func TrustStore_IsOwnedResource ¶ added in v2.154.0
func TrustStore_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func TrustStore_IsResource ¶ added in v2.154.0
func TrustStore_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
Types ¶
type AddApplicationActionProps ¶
type AddApplicationActionProps struct { // Rule applies if matches the conditions. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html // // Default: - No conditions. // Conditions *[]ListenerCondition `field:"optional" json:"conditions" yaml:"conditions"` // Priority of this target group. // // The rule with the lowest priority will be used for every request. // If priority is not given, these target groups will be added as // defaults, and must not have conditions. // // Priorities must be unique. // Default: Target groups are used as defaults. // Priority *float64 `field:"optional" json:"priority" yaml:"priority"` // Action to perform. Action ListenerAction `field:"required" json:"action" yaml:"action"` // `ListenerRule`s have a `Rule` suffix on their logicalId by default. This allows you to remove that suffix. // // Legacy behavior of the `addTargetGroups()` convenience method did not include the `Rule` suffix on the logicalId of the generated `ListenerRule`. // At some point, increasing complexity of requirements can require users to switch from the `addTargetGroups()` method // to the `addAction()` method. // When migrating `ListenerRule`s deployed by a legacy version of `addTargetGroups()`, // you will need to enable this flag to avoid changing the logicalId of your resource. // Otherwise Cfn will attempt to replace the `ListenerRule` and fail. // Default: - use standard logicalId with the `Rule` suffix. // RemoveSuffix *bool `field:"optional" json:"removeSuffix" yaml:"removeSuffix"` }
Properties for adding a new action to a listener.
Example:
var listener applicationListener listener.AddAction(jsii.String("Fixed"), &AddApplicationActionProps{ Priority: jsii.Number(10), Conditions: []listenerCondition{ elbv2.*listenerCondition_PathPatterns([]*string{ jsii.String("/ok"), }), }, Action: elbv2.ListenerAction_FixedResponse(jsii.Number(200), &FixedResponseOptions{ ContentType: jsii.String("text/plain"), MessageBody: jsii.String("OK"), }), })
type AddApplicationTargetGroupsProps ¶
type AddApplicationTargetGroupsProps struct { // Rule applies if matches the conditions. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html // // Default: - No conditions. // Conditions *[]ListenerCondition `field:"optional" json:"conditions" yaml:"conditions"` // Priority of this target group. // // The rule with the lowest priority will be used for every request. // If priority is not given, these target groups will be added as // defaults, and must not have conditions. // // Priorities must be unique. // Default: Target groups are used as defaults. // Priority *float64 `field:"optional" json:"priority" yaml:"priority"` // Target groups to forward requests to. TargetGroups *[]IApplicationTargetGroup `field:"required" json:"targetGroups" yaml:"targetGroups"` }
Properties for adding a new target group to a listener.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var applicationTargetGroup applicationTargetGroup var listenerCondition listenerCondition addApplicationTargetGroupsProps := &AddApplicationTargetGroupsProps{ TargetGroups: []iApplicationTargetGroup{ applicationTargetGroup, }, // the properties below are optional Conditions: []*listenerCondition{ listenerCondition, }, Priority: jsii.Number(123), }
type AddApplicationTargetsProps ¶
type AddApplicationTargetsProps struct { // Rule applies if matches the conditions. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html // // Default: - No conditions. // Conditions *[]ListenerCondition `field:"optional" json:"conditions" yaml:"conditions"` // Priority of this target group. // // The rule with the lowest priority will be used for every request. // If priority is not given, these target groups will be added as // defaults, and must not have conditions. // // Priorities must be unique. // Default: Target groups are used as defaults. // Priority *float64 `field:"optional" json:"priority" yaml:"priority"` // The amount of time for Elastic Load Balancing to wait before deregistering a target. // // The range is 0-3600 seconds. // Default: Duration.minutes(5) // DeregistrationDelay awscdk.Duration `field:"optional" json:"deregistrationDelay" yaml:"deregistrationDelay"` // Indicates whether anomaly mitigation is enabled. // // Only available when `loadBalancingAlgorithmType` is `TargetGroupLoadBalancingAlgorithmType.WEIGHTED_RANDOM` // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#automatic-target-weights // // Default: false. // EnableAnomalyMitigation *bool `field:"optional" json:"enableAnomalyMitigation" yaml:"enableAnomalyMitigation"` // Health check configuration. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#aws-resource-elasticloadbalancingv2-targetgroup-properties // // Default: - The default value for each property in this configuration varies depending on the target. // HealthCheck *HealthCheck `field:"optional" json:"healthCheck" yaml:"healthCheck"` // The load balancing algorithm to select targets for routing requests. // Default: round_robin. // LoadBalancingAlgorithmType TargetGroupLoadBalancingAlgorithmType `field:"optional" json:"loadBalancingAlgorithmType" yaml:"loadBalancingAlgorithmType"` // The port on which the listener listens for requests. // Default: Determined from protocol if known. // Port *float64 `field:"optional" json:"port" yaml:"port"` // The protocol to use. // Default: Determined from port if known. // Protocol ApplicationProtocol `field:"optional" json:"protocol" yaml:"protocol"` // The protocol version to use. // Default: ApplicationProtocolVersion.HTTP1 // ProtocolVersion ApplicationProtocolVersion `field:"optional" json:"protocolVersion" yaml:"protocolVersion"` // The time period during which the load balancer sends a newly registered target a linearly increasing share of the traffic to the target group. // // The range is 30-900 seconds (15 minutes). // Default: 0. // SlowStart awscdk.Duration `field:"optional" json:"slowStart" yaml:"slowStart"` // The stickiness cookie expiration period. // // Setting this value enables load balancer stickiness. // // After this period, the cookie is considered stale. The minimum value is // 1 second and the maximum value is 7 days (604800 seconds). // Default: Stickiness disabled. // StickinessCookieDuration awscdk.Duration `field:"optional" json:"stickinessCookieDuration" yaml:"stickinessCookieDuration"` // The name of an application-based stickiness cookie. // // Names that start with the following prefixes are not allowed: AWSALB, AWSALBAPP, // and AWSALBTG; they're reserved for use by the load balancer. // // Note: `stickinessCookieName` parameter depends on the presence of `stickinessCookieDuration` parameter. // If `stickinessCookieDuration` is not set, `stickinessCookieName` will be omitted. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html // // Default: - If `stickinessCookieDuration` is set, a load-balancer generated cookie is used. Otherwise, no stickiness is defined. // StickinessCookieName *string `field:"optional" json:"stickinessCookieName" yaml:"stickinessCookieName"` // The name of the target group. // // This name must be unique per region per account, can have a maximum of // 32 characters, must contain only alphanumeric characters or hyphens, and // must not begin or end with a hyphen. // Default: Automatically generated. // TargetGroupName *string `field:"optional" json:"targetGroupName" yaml:"targetGroupName"` // The targets to add to this target group. // // Can be `Instance`, `IPAddress`, or any self-registering load balancing // target. All target must be of the same type. Targets *[]IApplicationLoadBalancerTarget `field:"optional" json:"targets" yaml:"targets"` }
Properties for adding new targets to a listener.
Example:
import "github.com/aws/aws-cdk-go/awscdk" var asg autoScalingGroup var vpc vpc // Create the load balancer in a VPC. 'internetFacing' is 'false' // by default, which creates an internal load balancer. lb := elbv2.NewApplicationLoadBalancer(this, jsii.String("LB"), &ApplicationLoadBalancerProps{ Vpc: Vpc, InternetFacing: jsii.Boolean(true), }) // Add a listener and open up the load balancer's security group // to the world. listener := lb.AddListener(jsii.String("Listener"), &BaseApplicationListenerProps{ Port: jsii.Number(80), // 'open: true' is the default, you can leave it out if you want. Set it // to 'false' and use `listener.connections` if you want to be selective // about who can access the load balancer. Open: jsii.Boolean(true), }) // Create an AutoScaling group and add it as a load balancing // target to the listener. listener.AddTargets(jsii.String("ApplicationFleet"), &AddApplicationTargetsProps{ Port: jsii.Number(8080), Targets: []iApplicationLoadBalancerTarget{ asg, }, })
type AddNetworkActionProps ¶
type AddNetworkActionProps struct { // Action to perform. Action NetworkListenerAction `field:"required" json:"action" yaml:"action"` }
Properties for adding a new action to a listener.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var networkListenerAction networkListenerAction addNetworkActionProps := &AddNetworkActionProps{ Action: networkListenerAction, }
type AddNetworkTargetsProps ¶
type AddNetworkTargetsProps struct { // The port on which the listener listens for requests. // Default: Determined from protocol if known. // Port *float64 `field:"required" json:"port" yaml:"port"` // The amount of time for Elastic Load Balancing to wait before deregistering a target. // // The range is 0-3600 seconds. // Default: Duration.minutes(5) // DeregistrationDelay awscdk.Duration `field:"optional" json:"deregistrationDelay" yaml:"deregistrationDelay"` // Health check configuration. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#aws-resource-elasticloadbalancingv2-targetgroup-properties // // Default: - The default value for each property in this configuration varies depending on the target. // HealthCheck *HealthCheck `field:"optional" json:"healthCheck" yaml:"healthCheck"` // Indicates whether client IP preservation is enabled. // Default: false if the target group type is IP address and the // target group protocol is TCP or TLS. Otherwise, true. // PreserveClientIp *bool `field:"optional" json:"preserveClientIp" yaml:"preserveClientIp"` // Protocol for target group, expects TCP, TLS, UDP, or TCP_UDP. // Default: - inherits the protocol of the listener. // Protocol Protocol `field:"optional" json:"protocol" yaml:"protocol"` // Indicates whether Proxy Protocol version 2 is enabled. // Default: false. // ProxyProtocolV2 *bool `field:"optional" json:"proxyProtocolV2" yaml:"proxyProtocolV2"` // The name of the target group. // // This name must be unique per region per account, can have a maximum of // 32 characters, must contain only alphanumeric characters or hyphens, and // must not begin or end with a hyphen. // Default: Automatically generated. // TargetGroupName *string `field:"optional" json:"targetGroupName" yaml:"targetGroupName"` // The targets to add to this target group. // // Can be `Instance`, `IPAddress`, or any self-registering load balancing // target. If you use either `Instance` or `IPAddress` as targets, all // target must be of the same type. Targets *[]INetworkLoadBalancerTarget `field:"optional" json:"targets" yaml:"targets"` }
Properties for adding new network targets to a listener.
Example:
var vpc vpc var asg autoScalingGroup var sg1 iSecurityGroup var sg2 iSecurityGroup // Create the load balancer in a VPC. 'internetFacing' is 'false' // by default, which creates an internal load balancer. lb := elbv2.NewNetworkLoadBalancer(this, jsii.String("LB"), &NetworkLoadBalancerProps{ Vpc: Vpc, InternetFacing: jsii.Boolean(true), SecurityGroups: []*iSecurityGroup{ sg1, }, }) lb.AddSecurityGroup(sg2) // Add a listener on a particular port. listener := lb.AddListener(jsii.String("Listener"), &BaseNetworkListenerProps{ Port: jsii.Number(443), }) // Add targets on a particular port. listener.AddTargets(jsii.String("AppFleet"), &AddNetworkTargetsProps{ Port: jsii.Number(443), Targets: []iNetworkLoadBalancerTarget{ asg, }, })
type AddRuleProps ¶
type AddRuleProps struct { // Rule applies if matches the conditions. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html // // Default: - No conditions. // Conditions *[]ListenerCondition `field:"optional" json:"conditions" yaml:"conditions"` // Priority of this target group. // // The rule with the lowest priority will be used for every request. // If priority is not given, these target groups will be added as // defaults, and must not have conditions. // // Priorities must be unique. // Default: Target groups are used as defaults. // Priority *float64 `field:"optional" json:"priority" yaml:"priority"` }
Properties for adding a conditional load balancing rule.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var listenerCondition listenerCondition addRuleProps := &AddRuleProps{ Conditions: []*listenerCondition{ listenerCondition, }, Priority: jsii.Number(123), }
type AlpnPolicy ¶
type AlpnPolicy string
Application-Layer Protocol Negotiation Policies for network load balancers.
Which protocols should be used over a secure connection.
const ( // Negotiate only HTTP/1.*. The ALPN preference list is http/1.1, http/1.0. AlpnPolicy_HTTP1_ONLY AlpnPolicy = "HTTP1_ONLY" // Negotiate only HTTP/2. // // The ALPN preference list is h2. AlpnPolicy_HTTP2_ONLY AlpnPolicy = "HTTP2_ONLY" // Prefer HTTP/1.* over HTTP/2 (which can be useful for HTTP/2 testing). The ALPN preference list is http/1.1, http/1.0, h2. AlpnPolicy_HTTP2_OPTIONAL AlpnPolicy = "HTTP2_OPTIONAL" // Prefer HTTP/2 over HTTP/1.*. The ALPN preference list is h2, http/1.1, http/1.0. AlpnPolicy_HTTP2_PREFERRED AlpnPolicy = "HTTP2_PREFERRED" // Do not negotiate ALPN. AlpnPolicy_NONE AlpnPolicy = "NONE" )
type ApplicationListener ¶
type ApplicationListener interface { BaseListener IApplicationListener // Manage connections to this ApplicationListener. Connections() awsec2.Connections // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. Env() *awscdk.ResourceEnvironment // ARN of the listener. ListenerArn() *string // Load balancer this listener is associated with. LoadBalancer() IApplicationLoadBalancer // The tree node. Node() constructs.Node // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. PhysicalName() *string // The port of the listener. Port() *float64 // The stack in which this resource is defined. Stack() awscdk.Stack // Perform the given default action on incoming requests. // // This allows full control of the default action of the load balancer, // including Action chaining, fixed responses and redirect responses. See // the `ListenerAction` class for all options. // // It's possible to add routing conditions to the Action added in this way. // At least one Action must be added without conditions (which becomes the // default Action). AddAction(id *string, props *AddApplicationActionProps) // Add one or more certificates to this listener. // // After the first certificate, this creates ApplicationListenerCertificates // resources since cloudformation requires the certificates array on the // listener resource to have a length of 1. AddCertificates(id *string, certificates *[]IListenerCertificate) // Load balance incoming requests to the given target groups. // // All target groups will be load balanced to with equal weight and without // stickiness. For a more complex configuration than that, use `addAction()`. // // It's possible to add routing conditions to the TargetGroups added in this // way. At least one TargetGroup must be added without conditions (which will // become the default Action for this listener). AddTargetGroups(id *string, props *AddApplicationTargetGroupsProps) // Load balance incoming requests to the given load balancing targets. // // This method implicitly creates an ApplicationTargetGroup for the targets // involved, and a 'forward' action to route traffic to the given TargetGroup. // // If you want more control over the precise setup, create the TargetGroup // and use `addAction` yourself. // // It's possible to add conditions to the targets added in this way. At least // one set of targets must be added without conditions. // // Returns: The newly created target group. AddTargets(id *string, props *AddApplicationTargetsProps) ApplicationTargetGroup // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). ApplyRemovalPolicy(policy awscdk.RemovalPolicy) GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. GetResourceNameAttribute(nameAttr *string) *string // Register that a connectable that has been added to this load balancer. // // Don't call this directly. It is called by ApplicationTargetGroup. RegisterConnectable(connectable awsec2.IConnectable, portRange awsec2.Port) // Returns a string representation of this construct. ToString() *string // Validate this listener. ValidateListener() *[]*string }
Define an ApplicationListener.
Example:
import "github.com/aws/aws-cdk-go/awscdk" var asg autoScalingGroup var vpc vpc // Create the load balancer in a VPC. 'internetFacing' is 'false' // by default, which creates an internal load balancer. lb := elbv2.NewApplicationLoadBalancer(this, jsii.String("LB"), &ApplicationLoadBalancerProps{ Vpc: Vpc, InternetFacing: jsii.Boolean(true), }) // Add a listener and open up the load balancer's security group // to the world. listener := lb.AddListener(jsii.String("Listener"), &BaseApplicationListenerProps{ Port: jsii.Number(80), // 'open: true' is the default, you can leave it out if you want. Set it // to 'false' and use `listener.connections` if you want to be selective // about who can access the load balancer. Open: jsii.Boolean(true), }) // Create an AutoScaling group and add it as a load balancing // target to the listener. listener.AddTargets(jsii.String("ApplicationFleet"), &AddApplicationTargetsProps{ Port: jsii.Number(8080), Targets: []iApplicationLoadBalancerTarget{ asg, }, })
func NewApplicationListener ¶
func NewApplicationListener(scope constructs.Construct, id *string, props *ApplicationListenerProps) ApplicationListener
type ApplicationListenerAttributes ¶
type ApplicationListenerAttributes struct { // ARN of the listener. ListenerArn *string `field:"required" json:"listenerArn" yaml:"listenerArn"` // Security group of the load balancer this listener is associated with. SecurityGroup awsec2.ISecurityGroup `field:"required" json:"securityGroup" yaml:"securityGroup"` // The default port on which this listener is listening. DefaultPort *float64 `field:"optional" json:"defaultPort" yaml:"defaultPort"` }
Properties to reference an existing listener.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" var securityGroup securityGroup applicationListenerAttributes := &ApplicationListenerAttributes{ ListenerArn: jsii.String("listenerArn"), SecurityGroup: securityGroup, // the properties below are optional DefaultPort: jsii.Number(123), }
type ApplicationListenerCertificate ¶
type ApplicationListenerCertificate interface { constructs.Construct // The tree node. Node() constructs.Node // Returns a string representation of this construct. ToString() *string }
Add certificates to a listener.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var applicationListener applicationListener var listenerCertificate listenerCertificate applicationListenerCertificate := awscdk.Aws_elasticloadbalancingv2.NewApplicationListenerCertificate(this, jsii.String("MyApplicationListenerCertificate"), &ApplicationListenerCertificateProps{ Listener: applicationListener, // the properties below are optional Certificates: []iListenerCertificate{ listenerCertificate, }, })
func NewApplicationListenerCertificate ¶
func NewApplicationListenerCertificate(scope constructs.Construct, id *string, props *ApplicationListenerCertificateProps) ApplicationListenerCertificate
type ApplicationListenerCertificateProps ¶
type ApplicationListenerCertificateProps struct { // The listener to attach the rule to. Listener IApplicationListener `field:"required" json:"listener" yaml:"listener"` // Certificates to attach. // // Duplicates are not allowed. // Default: - One of 'certificates' and 'certificateArns' is required. // Certificates *[]IListenerCertificate `field:"optional" json:"certificates" yaml:"certificates"` }
Properties for adding a set of certificates to a listener.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var applicationListener applicationListener var listenerCertificate listenerCertificate applicationListenerCertificateProps := &ApplicationListenerCertificateProps{ Listener: applicationListener, // the properties below are optional Certificates: []iListenerCertificate{ listenerCertificate, }, }
type ApplicationListenerLookupOptions ¶
type ApplicationListenerLookupOptions struct { // Filter listeners by listener port. // Default: - does not filter by listener port. // ListenerPort *float64 `field:"optional" json:"listenerPort" yaml:"listenerPort"` // Filter listeners by associated load balancer arn. // Default: - does not filter by load balancer arn. // LoadBalancerArn *string `field:"optional" json:"loadBalancerArn" yaml:"loadBalancerArn"` // Filter listeners by associated load balancer tags. // Default: - does not filter by load balancer tags. // LoadBalancerTags *map[string]*string `field:"optional" json:"loadBalancerTags" yaml:"loadBalancerTags"` // ARN of the listener to look up. // Default: - does not filter by listener arn. // ListenerArn *string `field:"optional" json:"listenerArn" yaml:"listenerArn"` // Filter listeners by listener protocol. // Default: - does not filter by listener protocol. // ListenerProtocol ApplicationProtocol `field:"optional" json:"listenerProtocol" yaml:"listenerProtocol"` }
Options for ApplicationListener lookup.
Example:
listener := elbv2.ApplicationListener_FromLookup(this, jsii.String("ALBListener"), &ApplicationListenerLookupOptions{ LoadBalancerArn: jsii.String("arn:aws:elasticloadbalancing:us-east-2:123456789012:loadbalancer/app/my-load-balancer/1234567890123456"), ListenerProtocol: elbv2.ApplicationProtocol_HTTPS, ListenerPort: jsii.Number(443), })
type ApplicationListenerProps ¶
type ApplicationListenerProps struct { // Certificate list of ACM cert ARNs. // // You must provide exactly one certificate if the listener protocol is HTTPS or TLS. // Default: - No certificates. // Certificates *[]IListenerCertificate `field:"optional" json:"certificates" yaml:"certificates"` // Default action to take for requests to this listener. // // This allows full control of the default action of the load balancer, // including Action chaining, fixed responses and redirect responses. // // See the `ListenerAction` class for all options. // // Cannot be specified together with `defaultTargetGroups`. // Default: - None. // DefaultAction ListenerAction `field:"optional" json:"defaultAction" yaml:"defaultAction"` // Default target groups to load balance to. // // All target groups will be load balanced to with equal weight and without // stickiness. For a more complex configuration than that, use // either `defaultAction` or `addAction()`. // // Cannot be specified together with `defaultAction`. // Default: - None. // DefaultTargetGroups *[]IApplicationTargetGroup `field:"optional" json:"defaultTargetGroups" yaml:"defaultTargetGroups"` // The mutual authentication configuration information. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/mutual-authentication.html // // Default: - No mutual authentication configuration. // MutualAuthentication *MutualAuthentication `field:"optional" json:"mutualAuthentication" yaml:"mutualAuthentication"` // Allow anyone to connect to the load balancer on the listener port. // // If this is specified, the load balancer will be opened up to anyone who can reach it. // For internal load balancers this is anyone in the same VPC. For public load // balancers, this is anyone on the internet. // // If you want to be more selective about who can access this load // balancer, set this to `false` and use the listener's `connections` // object to selectively grant access to the load balancer on the listener port. // Default: true. // Open *bool `field:"optional" json:"open" yaml:"open"` // The port on which the listener listens for requests. // Default: - Determined from protocol if known. // Port *float64 `field:"optional" json:"port" yaml:"port"` // The protocol to use. // Default: - Determined from port if known. // Protocol ApplicationProtocol `field:"optional" json:"protocol" yaml:"protocol"` // The security policy that defines which ciphers and protocols are supported. // Default: - The current predefined security policy. // SslPolicy SslPolicy `field:"optional" json:"sslPolicy" yaml:"sslPolicy"` // The load balancer to attach this listener to. LoadBalancer IApplicationLoadBalancer `field:"required" json:"loadBalancer" yaml:"loadBalancer"` }
Properties for defining a standalone ApplicationListener.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var applicationLoadBalancer applicationLoadBalancer var applicationTargetGroup applicationTargetGroup var listenerAction listenerAction var listenerCertificate listenerCertificate var trustStore trustStore applicationListenerProps := &ApplicationListenerProps{ LoadBalancer: applicationLoadBalancer, // the properties below are optional Certificates: []iListenerCertificate{ listenerCertificate, }, DefaultAction: listenerAction, DefaultTargetGroups: []iApplicationTargetGroup{ applicationTargetGroup, }, MutualAuthentication: &MutualAuthentication{ IgnoreClientCertificateExpiry: jsii.Boolean(false), MutualAuthenticationMode: awscdk.Aws_elasticloadbalancingv2.MutualAuthenticationMode_OFF, TrustStore: trustStore, }, Open: jsii.Boolean(false), Port: jsii.Number(123), Protocol: awscdk.*Aws_elasticloadbalancingv2.ApplicationProtocol_HTTP, SslPolicy: awscdk.*Aws_elasticloadbalancingv2.SslPolicy_RECOMMENDED_TLS, }
type ApplicationListenerRule ¶
type ApplicationListenerRule interface { constructs.Construct // The ARN of this rule. ListenerRuleArn() *string // The tree node. Node() constructs.Node // Add a non-standard condition to this rule. AddCondition(condition ListenerCondition) // Configure the action to perform for this rule. ConfigureAction(action ListenerAction) // Returns a string representation of this construct. ToString() *string }
Define a new listener rule.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var applicationListener applicationListener var applicationTargetGroup applicationTargetGroup var listenerAction listenerAction var listenerCondition listenerCondition applicationListenerRule := awscdk.Aws_elasticloadbalancingv2.NewApplicationListenerRule(this, jsii.String("MyApplicationListenerRule"), &ApplicationListenerRuleProps{ Listener: applicationListener, Priority: jsii.Number(123), // the properties below are optional Action: listenerAction, Conditions: []*listenerCondition{ listenerCondition, }, TargetGroups: []iApplicationTargetGroup{ applicationTargetGroup, }, })
func NewApplicationListenerRule ¶
func NewApplicationListenerRule(scope constructs.Construct, id *string, props *ApplicationListenerRuleProps) ApplicationListenerRule
type ApplicationListenerRuleProps ¶
type ApplicationListenerRuleProps struct { // Priority of the rule. // // The rule with the lowest priority will be used for every request. // // Priorities must be unique. Priority *float64 `field:"required" json:"priority" yaml:"priority"` // Action to perform when requests are received. // // Only one of `action`, `fixedResponse`, `redirectResponse` or `targetGroups` can be specified. // Default: - No action. // Action ListenerAction `field:"optional" json:"action" yaml:"action"` // Rule applies if matches the conditions. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html // // Default: - No conditions. // Conditions *[]ListenerCondition `field:"optional" json:"conditions" yaml:"conditions"` // Target groups to forward requests to. // // Only one of `action`, `fixedResponse`, `redirectResponse` or `targetGroups` can be specified. // // Implies a `forward` action. // Default: - No target groups. // TargetGroups *[]IApplicationTargetGroup `field:"optional" json:"targetGroups" yaml:"targetGroups"` // The listener to attach the rule to. Listener IApplicationListener `field:"required" json:"listener" yaml:"listener"` }
Properties for defining a listener rule.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var applicationListener applicationListener var applicationTargetGroup applicationTargetGroup var listenerAction listenerAction var listenerCondition listenerCondition applicationListenerRuleProps := &ApplicationListenerRuleProps{ Listener: applicationListener, Priority: jsii.Number(123), // the properties below are optional Action: listenerAction, Conditions: []*listenerCondition{ listenerCondition, }, TargetGroups: []iApplicationTargetGroup{ applicationTargetGroup, }, }
type ApplicationLoadBalancer ¶
type ApplicationLoadBalancer interface { BaseLoadBalancer IApplicationLoadBalancer // The network connections associated with this resource. Connections() awsec2.Connections // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. Env() *awscdk.ResourceEnvironment // The IP Address Type for this load balancer. IpAddressType() IpAddressType // A list of listeners that have been added to the load balancer. // // This list is only valid for owned constructs. Listeners() *[]ApplicationListener // The ARN of this load balancer. // // Example value: `arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-internal-load-balancer/50dc6c495c0c9188`. LoadBalancerArn() *string // The canonical hosted zone ID of this load balancer. // // Example value: `Z2P70J7EXAMPLE`. LoadBalancerCanonicalHostedZoneId() *string // The DNS name of this load balancer. // // Example value: `my-load-balancer-424835706.us-west-2.elb.amazonaws.com` LoadBalancerDnsName() *string // The full name of this load balancer. // // Example value: `app/my-load-balancer/50dc6c495c0c9188`. LoadBalancerFullName() *string // The name of this load balancer. // // Example value: `my-load-balancer`. LoadBalancerName() *string LoadBalancerSecurityGroups() *[]*string // All metrics available for this load balancer. Metrics() IApplicationLoadBalancerMetrics // The tree node. Node() constructs.Node // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. PhysicalName() *string // The stack in which this resource is defined. Stack() awscdk.Stack // The VPC this load balancer has been created in. // // This property is always defined (not `null` or `undefined`) for sub-classes of `BaseLoadBalancer`. Vpc() awsec2.IVpc // Add a new listener to this load balancer. AddListener(id *string, props *BaseApplicationListenerProps) ApplicationListener // Add a redirection listener to this load balancer. AddRedirect(props *ApplicationLoadBalancerRedirectConfig) ApplicationListener // Add a security group to this load balancer. AddSecurityGroup(securityGroup awsec2.ISecurityGroup) // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). ApplyRemovalPolicy(policy awscdk.RemovalPolicy) GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. GetResourceNameAttribute(nameAttr *string) *string // Enable access logging for this load balancer. // // A region must be specified on the stack containing the load balancer; you cannot enable logging on // environment-agnostic stacks. See https://docs.aws.amazon.com/cdk/latest/guide/environments.html LogAccessLogs(bucket awss3.IBucket, prefix *string) // Enable connection logging for this load balancer. // // A region must be specified on the stack containing the load balancer; you cannot enable logging on // environment-agnostic stacks. // See: https://docs.aws.amazon.com/cdk/latest/guide/environments.html // LogConnectionLogs(bucket awss3.IBucket, prefix *string) // Return the given named metric for this Application Load Balancer. // Default: Average over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.custom“ instead Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of concurrent TCP connections active from clients to the load balancer and from the load balancer to targets. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.activeConnectionCount“ instead MetricActiveConnectionCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of TLS connections initiated by the client that did not establish a session with the load balancer. // // Possible causes include a // mismatch of ciphers or protocols. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.clientTlsNegotiationErrorCount“ instead MetricClientTlsNegotiationErrorCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of load balancer capacity units (LCU) used by your load balancer. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.consumedLCUs“ instead MetricConsumedLCUs(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of user authentications that could not be completed. // // Because an authenticate action was misconfigured, the load balancer // couldn't establish a connection with the IdP, or the load balancer // couldn't complete the authentication flow due to an internal error. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.elbAuthError“ instead MetricElbAuthError(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of user authentications that could not be completed because the IdP denied access to the user or an authorization code was used more than once. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.elbAuthFailure“ instead MetricElbAuthFailure(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The time elapsed, in milliseconds, to query the IdP for the ID token and user info. // // If one or more of these operations fail, this is the time to failure. // Default: Average over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.elbAuthLatency“ instead MetricElbAuthLatency(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of authenticate actions that were successful. // // This metric is incremented at the end of the authentication workflow, // after the load balancer has retrieved the user claims from the IdP. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.elbAuthSuccess“ instead MetricElbAuthSuccess(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of HTTP 3xx/4xx/5xx codes that originate from the load balancer. // // This does not include any response codes generated by the targets. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.httpCodeElb“ instead MetricHttpCodeElb(code HttpCodeElb, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of HTTP 2xx/3xx/4xx/5xx response codes generated by all targets in the load balancer. // // This does not include any response codes generated by the load balancer. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.httpCodeTarget“ instead MetricHttpCodeTarget(code HttpCodeTarget, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of fixed-response actions that were successful. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.httpFixedResponseCount“ instead MetricHttpFixedResponseCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of redirect actions that were successful. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.httpRedirectCount“ instead MetricHttpRedirectCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of redirect actions that couldn't be completed because the URL in the response location header is larger than 8K. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.httpRedirectUrlLimitExceededCount“ instead MetricHttpRedirectUrlLimitExceededCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of bytes processed by the load balancer over IPv6. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.ipv6ProcessedBytes“ instead MetricIpv6ProcessedBytes(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of IPv6 requests received by the load balancer. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.ipv6RequestCount“ instead MetricIpv6RequestCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of new TCP connections established from clients to the load balancer and from the load balancer to targets. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.newConnectionCount“ instead MetricNewConnectionCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of bytes processed by the load balancer over IPv4 and IPv6. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.processedBytes“ instead MetricProcessedBytes(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of connections that were rejected because the load balancer had reached its maximum number of connections. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.rejectedConnectionCount“ instead MetricRejectedConnectionCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of requests processed over IPv4 and IPv6. // // This count includes only the requests with a response generated by a target of the load balancer. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.requestCount“ instead MetricRequestCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of rules processed by the load balancer given a request rate averaged over an hour. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.ruleEvaluations“ instead MetricRuleEvaluations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of connections that were not successfully established between the load balancer and target. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.targetConnectionErrorCount“ instead MetricTargetConnectionErrorCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The time elapsed, in seconds, after the request leaves the load balancer until a response from the target is received. // Default: Average over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.targetResponseTime“ instead MetricTargetResponseTime(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of TLS connections initiated by the load balancer that did not establish a session with the target. // // Possible causes include a mismatch of ciphers or protocols. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationLoadBalancer.metrics.targetTLSNegotiationErrorCount“ instead MetricTargetTLSNegotiationErrorCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // Remove an attribute from the load balancer. RemoveAttribute(key *string) ResourcePolicyPrincipal() awsiam.IPrincipal // Set a non-standard attribute on the load balancer. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#load-balancer-attributes // SetAttribute(key *string, value *string) // Returns a string representation of this construct. ToString() *string ValidateLoadBalancer() *[]*string }
Define an Application Load Balancer.
Example:
import "github.com/aws/aws-cdk-go/awscdk" var asg autoScalingGroup var vpc vpc // Create the load balancer in a VPC. 'internetFacing' is 'false' // by default, which creates an internal load balancer. lb := elbv2.NewApplicationLoadBalancer(this, jsii.String("LB"), &ApplicationLoadBalancerProps{ Vpc: Vpc, InternetFacing: jsii.Boolean(true), }) // Add a listener and open up the load balancer's security group // to the world. listener := lb.AddListener(jsii.String("Listener"), &BaseApplicationListenerProps{ Port: jsii.Number(80), // 'open: true' is the default, you can leave it out if you want. Set it // to 'false' and use `listener.connections` if you want to be selective // about who can access the load balancer. Open: jsii.Boolean(true), }) // Create an AutoScaling group and add it as a load balancing // target to the listener. listener.AddTargets(jsii.String("ApplicationFleet"), &AddApplicationTargetsProps{ Port: jsii.Number(8080), Targets: []iApplicationLoadBalancerTarget{ asg, }, })
func NewApplicationLoadBalancer ¶
func NewApplicationLoadBalancer(scope constructs.Construct, id *string, props *ApplicationLoadBalancerProps) ApplicationLoadBalancer
type ApplicationLoadBalancerAttributes ¶
type ApplicationLoadBalancerAttributes struct { // ARN of the load balancer. LoadBalancerArn *string `field:"required" json:"loadBalancerArn" yaml:"loadBalancerArn"` // ID of the load balancer's security group. SecurityGroupId *string `field:"required" json:"securityGroupId" yaml:"securityGroupId"` // The canonical hosted zone ID of this load balancer. // Default: - When not provided, LB cannot be used as Route53 Alias target. // LoadBalancerCanonicalHostedZoneId *string `field:"optional" json:"loadBalancerCanonicalHostedZoneId" yaml:"loadBalancerCanonicalHostedZoneId"` // The DNS name of this load balancer. // Default: - When not provided, LB cannot be used as Route53 Alias target. // LoadBalancerDnsName *string `field:"optional" json:"loadBalancerDnsName" yaml:"loadBalancerDnsName"` // Whether the security group allows all outbound traffic or not. // // Unless set to `false`, no egress rules will be added to the security group. // Default: true. // SecurityGroupAllowsAllOutbound *bool `field:"optional" json:"securityGroupAllowsAllOutbound" yaml:"securityGroupAllowsAllOutbound"` // The VPC this load balancer has been created in, if available. // Default: - If the Load Balancer was imported and a VPC was not specified, // the VPC is not available. // Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"` }
Properties to reference an existing load balancer.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" var vpc vpc applicationLoadBalancerAttributes := &ApplicationLoadBalancerAttributes{ LoadBalancerArn: jsii.String("loadBalancerArn"), SecurityGroupId: jsii.String("securityGroupId"), // the properties below are optional LoadBalancerCanonicalHostedZoneId: jsii.String("loadBalancerCanonicalHostedZoneId"), LoadBalancerDnsName: jsii.String("loadBalancerDnsName"), SecurityGroupAllowsAllOutbound: jsii.Boolean(false), Vpc: vpc, }
type ApplicationLoadBalancerLookupOptions ¶
type ApplicationLoadBalancerLookupOptions struct { // Find by load balancer's ARN. // Default: - does not search by load balancer arn. // LoadBalancerArn *string `field:"optional" json:"loadBalancerArn" yaml:"loadBalancerArn"` // Match load balancer tags. // Default: - does not match load balancers by tags. // LoadBalancerTags *map[string]*string `field:"optional" json:"loadBalancerTags" yaml:"loadBalancerTags"` }
Options for looking up an ApplicationLoadBalancer.
Example:
loadBalancer := elbv2.ApplicationLoadBalancer_FromLookup(this, jsii.String("ALB"), &ApplicationLoadBalancerLookupOptions{ LoadBalancerArn: jsii.String("arn:aws:elasticloadbalancing:us-east-2:123456789012:loadbalancer/app/my-load-balancer/1234567890123456"), })
type ApplicationLoadBalancerProps ¶
type ApplicationLoadBalancerProps struct { // The VPC network to place the load balancer in. Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"` // Indicates whether cross-zone load balancing is enabled. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattribute.html // // Default: - false for Network Load Balancers and true for Application Load Balancers. // This can not be `false` for Application Load Balancers. // CrossZoneEnabled *bool `field:"optional" json:"crossZoneEnabled" yaml:"crossZoneEnabled"` // Indicates whether deletion protection is enabled. // Default: false. // DeletionProtection *bool `field:"optional" json:"deletionProtection" yaml:"deletionProtection"` // Indicates whether the load balancer blocks traffic through the Internet Gateway (IGW). // Default: - false for internet-facing load balancers and true for internal load balancers. // DenyAllIgwTraffic *bool `field:"optional" json:"denyAllIgwTraffic" yaml:"denyAllIgwTraffic"` // Whether the load balancer has an internet-routable address. // Default: false. // InternetFacing *bool `field:"optional" json:"internetFacing" yaml:"internetFacing"` // Name of the load balancer. // Default: - Automatically generated name. // LoadBalancerName *string `field:"optional" json:"loadBalancerName" yaml:"loadBalancerName"` // Which subnets place the load balancer in. // Default: - the Vpc default strategy. // VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"` // The client keep alive duration. // // The valid range is 60 to 604800 seconds (1 minute to 7 days). // Default: - Duration.seconds(3600) // ClientKeepAlive awscdk.Duration `field:"optional" json:"clientKeepAlive" yaml:"clientKeepAlive"` // Determines how the load balancer handles requests that might pose a security risk to your application. // Default: DesyncMitigationMode.DEFENSIVE // DesyncMitigationMode DesyncMitigationMode `field:"optional" json:"desyncMitigationMode" yaml:"desyncMitigationMode"` // Indicates whether HTTP headers with invalid header fields are removed by the load balancer (true) or routed to targets (false). // Default: false. // DropInvalidHeaderFields *bool `field:"optional" json:"dropInvalidHeaderFields" yaml:"dropInvalidHeaderFields"` // Indicates whether HTTP/2 is enabled. // Default: true. // Http2Enabled *bool `field:"optional" json:"http2Enabled" yaml:"http2Enabled"` // The load balancer idle timeout, in seconds. // Default: 60. // IdleTimeout awscdk.Duration `field:"optional" json:"idleTimeout" yaml:"idleTimeout"` // The type of IP addresses to use. // Default: IpAddressType.IPV4 // IpAddressType IpAddressType `field:"optional" json:"ipAddressType" yaml:"ipAddressType"` // Indicates whether the Application Load Balancer should preserve the host header in the HTTP request and send it to the target without any change. // Default: false. // PreserveHostHeader *bool `field:"optional" json:"preserveHostHeader" yaml:"preserveHostHeader"` // Indicates whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer. // Default: false. // PreserveXffClientPort *bool `field:"optional" json:"preserveXffClientPort" yaml:"preserveXffClientPort"` // Security group to associate with this load balancer. // Default: A security group is created. // SecurityGroup awsec2.ISecurityGroup `field:"optional" json:"securityGroup" yaml:"securityGroup"` // Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. // Default: false. // WafFailOpen *bool `field:"optional" json:"wafFailOpen" yaml:"wafFailOpen"` // Indicates whether the two headers (x-amzn-tls-version and x-amzn-tls-cipher-suite), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. // // The x-amzn-tls-version header has information about the TLS protocol version negotiated with the client, // and the x-amzn-tls-cipher-suite header has information about the cipher suite negotiated with the client. // // Both headers are in OpenSSL format. // Default: false. // XAmznTlsVersionAndCipherSuiteHeaders *bool `field:"optional" json:"xAmznTlsVersionAndCipherSuiteHeaders" yaml:"xAmznTlsVersionAndCipherSuiteHeaders"` // Enables you to modify, preserve, or remove the X-Forwarded-For header in the HTTP request before the Application Load Balancer sends the request to the target. // Default: XffHeaderProcessingMode.APPEND // XffHeaderProcessingMode XffHeaderProcessingMode `field:"optional" json:"xffHeaderProcessingMode" yaml:"xffHeaderProcessingMode"` }
Properties for defining an Application Load Balancer.
Example:
import "github.com/aws/aws-cdk-go/awscdk" var asg autoScalingGroup var vpc vpc // Create the load balancer in a VPC. 'internetFacing' is 'false' // by default, which creates an internal load balancer. lb := elbv2.NewApplicationLoadBalancer(this, jsii.String("LB"), &ApplicationLoadBalancerProps{ Vpc: Vpc, InternetFacing: jsii.Boolean(true), }) // Add a listener and open up the load balancer's security group // to the world. listener := lb.AddListener(jsii.String("Listener"), &BaseApplicationListenerProps{ Port: jsii.Number(80), // 'open: true' is the default, you can leave it out if you want. Set it // to 'false' and use `listener.connections` if you want to be selective // about who can access the load balancer. Open: jsii.Boolean(true), }) // Create an AutoScaling group and add it as a load balancing // target to the listener. listener.AddTargets(jsii.String("ApplicationFleet"), &AddApplicationTargetsProps{ Port: jsii.Number(8080), Targets: []iApplicationLoadBalancerTarget{ asg, }, })
type ApplicationLoadBalancerRedirectConfig ¶
type ApplicationLoadBalancerRedirectConfig struct { // Allow anyone to connect to this listener. // // If this is specified, the listener will be opened up to anyone who can reach it. // For internal load balancers this is anyone in the same VPC. For public load // balancers, this is anyone on the internet. // // If you want to be more selective about who can access this load // balancer, set this to `false` and use the listener's `connections` // object to selectively grant access to the listener. // Default: true. // Open *bool `field:"optional" json:"open" yaml:"open"` // The port number to listen to. // Default: 80. // SourcePort *float64 `field:"optional" json:"sourcePort" yaml:"sourcePort"` // The protocol of the listener being created. // Default: HTTP. // SourceProtocol ApplicationProtocol `field:"optional" json:"sourceProtocol" yaml:"sourceProtocol"` // The port number to redirect to. // Default: 443. // TargetPort *float64 `field:"optional" json:"targetPort" yaml:"targetPort"` // The protocol of the redirection target. // Default: HTTPS. // TargetProtocol ApplicationProtocol `field:"optional" json:"targetProtocol" yaml:"targetProtocol"` }
Properties for a redirection config.
Example:
var lb applicationLoadBalancer lb.AddRedirect(&ApplicationLoadBalancerRedirectConfig{ SourceProtocol: elbv2.ApplicationProtocol_HTTPS, SourcePort: jsii.Number(8443), TargetProtocol: elbv2.ApplicationProtocol_HTTP, TargetPort: jsii.Number(8080), })
type ApplicationProtocol ¶
type ApplicationProtocol string
Load balancing protocol for application load balancers.
Example:
import acm "github.com/aws/aws-cdk-go/awscdk" var certificate certificate var lb applicationLoadBalancer var bucket bucket trustStore := elbv2.NewTrustStore(this, jsii.String("Store"), &TrustStoreProps{ Bucket: Bucket, Key: jsii.String("rootCA_cert.pem"), }) lb.AddListener(jsii.String("Listener"), &BaseApplicationListenerProps{ Port: jsii.Number(443), Protocol: elbv2.ApplicationProtocol_HTTPS, Certificates: []iListenerCertificate{ certificate, }, // mTLS settings MutualAuthentication: &MutualAuthentication{ IgnoreClientCertificateExpiry: jsii.Boolean(false), MutualAuthenticationMode: elbv2.MutualAuthenticationMode_VERIFY, TrustStore: *TrustStore, }, DefaultAction: elbv2.ListenerAction_FixedResponse(jsii.Number(200), &FixedResponseOptions{ ContentType: jsii.String("text/plain"), MessageBody: jsii.String("Success mTLS"), }), })
const ( // HTTP. ApplicationProtocol_HTTP ApplicationProtocol = "HTTP" // HTTPS. ApplicationProtocol_HTTPS ApplicationProtocol = "HTTPS" )
type ApplicationProtocolVersion ¶
type ApplicationProtocolVersion string
Load balancing protocol version for application load balancers.
Example:
var vpc vpc tg := elbv2.NewApplicationTargetGroup(this, jsii.String("TG"), &ApplicationTargetGroupProps{ TargetType: elbv2.TargetType_IP, Port: jsii.Number(50051), Protocol: elbv2.ApplicationProtocol_HTTP, ProtocolVersion: elbv2.ApplicationProtocolVersion_GRPC, HealthCheck: &HealthCheck{ Enabled: jsii.Boolean(true), HealthyGrpcCodes: jsii.String("0-99"), }, Vpc: Vpc, })
const ( // GRPC. ApplicationProtocolVersion_GRPC ApplicationProtocolVersion = "GRPC" // HTTP1. ApplicationProtocolVersion_HTTP1 ApplicationProtocolVersion = "HTTP1" // HTTP2. ApplicationProtocolVersion_HTTP2 ApplicationProtocolVersion = "HTTP2" )
type ApplicationTargetGroup ¶
type ApplicationTargetGroup interface { TargetGroupBase IApplicationTargetGroup // Default port configured for members of this target group. DefaultPort() *float64 // Full name of first load balancer. FirstLoadBalancerFullName() *string // Health check for the members of this target group. HealthCheck() *HealthCheck SetHealthCheck(val *HealthCheck) // A token representing a list of ARNs of the load balancers that route traffic to this target group. LoadBalancerArns() *string // List of constructs that need to be depended on to ensure the TargetGroup is associated to a load balancer. LoadBalancerAttached() constructs.IDependable // Configurable dependable with all resources that lead to load balancer attachment. LoadBalancerAttachedDependencies() constructs.DependencyGroup // All metrics available for this target group. Metrics() IApplicationTargetGroupMetrics // The tree node. Node() constructs.Node // The ARN of the target group. TargetGroupArn() *string // The full name of the target group. TargetGroupFullName() *string // ARNs of load balancers load balancing to this TargetGroup. TargetGroupLoadBalancerArns() *[]*string // The name of the target group. TargetGroupName() *string // The types of the directly registered members of this target group. TargetType() TargetType SetTargetType(val TargetType) // Register the given load balancing target as part of this group. AddLoadBalancerTarget(props *LoadBalancerTargetProps) // Add a load balancing target to this target group. AddTarget(targets ...IApplicationLoadBalancerTarget) // Set/replace the target group's health check. ConfigureHealthCheck(healthCheck *HealthCheck) // Enable sticky routing via a cookie to members of this target group. // // Note: If the `cookieName` parameter is set, application-based stickiness will be applied, // otherwise it defaults to duration-based stickiness attributes (`lb_cookie`). // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html // EnableCookieStickiness(duration awscdk.Duration, cookieName *string) // Return the given named metric for this Application Load Balancer Target Group. // // Returns the metric for this target group from the point of view of the first // load balancer load balancing to it. If you have multiple load balancers load // sending traffic to the same target group, you will have to override the dimensions // on this metric. // Default: Average over 5 minutes. // Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of healthy hosts in the target group. // Default: Average over 5 minutes. // // Deprecated: Use “ApplicationTargetGroup.metrics.healthyHostCount“ instead MetricHealthyHostCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of HTTP 2xx/3xx/4xx/5xx response codes generated by all targets in this target group. // // This does not include any response codes generated by the load balancer. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationTargetGroup.metrics.httpCodeTarget“ instead MetricHttpCodeTarget(code HttpCodeTarget, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of IPv6 requests received by the target group. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationTargetGroup.metrics.ipv6RequestCount“ instead MetricIpv6RequestCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of requests processed over IPv4 and IPv6. // // This count includes only the requests with a response generated by a target of the load balancer. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationTargetGroup.metrics.requestCount“ instead MetricRequestCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The average number of requests received by each target in a target group. // // The only valid statistic is Sum. Note that this represents the average not the sum. // Default: Sum over 5 minutes. // // Deprecated: Use `ApplicationTargetGroup.metrics.requestCountPerTarget` instead MetricRequestCountPerTarget(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of connections that were not successfully established between the load balancer and target. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationTargetGroup.metrics.targetConnectionErrorCount“ instead MetricTargetConnectionErrorCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The time elapsed, in seconds, after the request leaves the load balancer until a response from the target is received. // Default: Average over 5 minutes. // // Deprecated: Use “ApplicationTargetGroup.metrics.targetResponseTime“ instead MetricTargetResponseTime(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of TLS connections initiated by the load balancer that did not establish a session with the target. // // Possible causes include a mismatch of ciphers or protocols. // Default: Sum over 5 minutes. // // Deprecated: Use “ApplicationTargetGroup.metrics.tlsNegotiationErrorCount“ instead MetricTargetTLSNegotiationErrorCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of unhealthy hosts in the target group. // Default: Average over 5 minutes. // // Deprecated: Use “ApplicationTargetGroup.metrics.unhealthyHostCount“ instead MetricUnhealthyHostCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // Register a connectable as a member of this target group. // // Don't call this directly. It will be called by load balancing targets. RegisterConnectable(connectable awsec2.IConnectable, portRange awsec2.Port) // Register a listener that is load balancing to this target group. // // Don't call this directly. It will be called by listeners. RegisterListener(listener IApplicationListener, associatingConstruct constructs.IConstruct) // Set a non-standard attribute on the target group. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#target-group-attributes // SetAttribute(key *string, value *string) // Returns a string representation of this construct. ToString() *string ValidateHealthCheck() *[]*string ValidateTargetGroup() *[]*string }
Define an Application Target Group.
Example:
var alb applicationLoadBalancer listener := alb.AddListener(jsii.String("Listener"), &BaseApplicationListenerProps{ Port: jsii.Number(80), }) targetGroup := listener.AddTargets(jsii.String("Fleet"), &AddApplicationTargetsProps{ Port: jsii.Number(80), }) deploymentGroup := codedeploy.NewServerDeploymentGroup(this, jsii.String("DeploymentGroup"), &ServerDeploymentGroupProps{ LoadBalancer: codedeploy.LoadBalancer_Application(targetGroup), })
func NewApplicationTargetGroup ¶
func NewApplicationTargetGroup(scope constructs.Construct, id *string, props *ApplicationTargetGroupProps) ApplicationTargetGroup
type ApplicationTargetGroupProps ¶
type ApplicationTargetGroupProps struct { // The amount of time for Elastic Load Balancing to wait before deregistering a target. // // The range is 0-3600 seconds. // Default: 300. // DeregistrationDelay awscdk.Duration `field:"optional" json:"deregistrationDelay" yaml:"deregistrationDelay"` // Health check configuration. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#aws-resource-elasticloadbalancingv2-targetgroup-properties // // Default: - The default value for each property in this configuration varies depending on the target. // HealthCheck *HealthCheck `field:"optional" json:"healthCheck" yaml:"healthCheck"` // The name of the target group. // // This name must be unique per region per account, can have a maximum of // 32 characters, must contain only alphanumeric characters or hyphens, and // must not begin or end with a hyphen. // Default: - Automatically generated. // TargetGroupName *string `field:"optional" json:"targetGroupName" yaml:"targetGroupName"` // The type of targets registered to this TargetGroup, either IP or Instance. // // All targets registered into the group must be of this type. If you // register targets to the TargetGroup in the CDK app, the TargetType is // determined automatically. // Default: - Determined automatically. // TargetType TargetType `field:"optional" json:"targetType" yaml:"targetType"` // The virtual private cloud (VPC). // // only if `TargetType` is `Ip` or `InstanceId`. // Default: - undefined. // Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"` // Indicates whether anomaly mitigation is enabled. // // Only available when `loadBalancingAlgorithmType` is `TargetGroupLoadBalancingAlgorithmType.WEIGHTED_RANDOM` // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#automatic-target-weights // // Default: false. // EnableAnomalyMitigation *bool `field:"optional" json:"enableAnomalyMitigation" yaml:"enableAnomalyMitigation"` // The load balancing algorithm to select targets for routing requests. // Default: TargetGroupLoadBalancingAlgorithmType.ROUND_ROBIN // LoadBalancingAlgorithmType TargetGroupLoadBalancingAlgorithmType `field:"optional" json:"loadBalancingAlgorithmType" yaml:"loadBalancingAlgorithmType"` // The port on which the target receives traffic. // // This is not applicable for Lambda targets. // Default: - Determined from protocol if known. // Port *float64 `field:"optional" json:"port" yaml:"port"` // The protocol used for communication with the target. // // This is not applicable for Lambda targets. // Default: - Determined from port if known. // Protocol ApplicationProtocol `field:"optional" json:"protocol" yaml:"protocol"` // The protocol version to use. // Default: ApplicationProtocolVersion.HTTP1 // ProtocolVersion ApplicationProtocolVersion `field:"optional" json:"protocolVersion" yaml:"protocolVersion"` // The time period during which the load balancer sends a newly registered target a linearly increasing share of the traffic to the target group. // // The range is 30-900 seconds (15 minutes). // Default: 0. // SlowStart awscdk.Duration `field:"optional" json:"slowStart" yaml:"slowStart"` // The stickiness cookie expiration period. // // Setting this value enables load balancer stickiness. // // After this period, the cookie is considered stale. The minimum value is // 1 second and the maximum value is 7 days (604800 seconds). // Default: - Stickiness is disabled. // StickinessCookieDuration awscdk.Duration `field:"optional" json:"stickinessCookieDuration" yaml:"stickinessCookieDuration"` // The name of an application-based stickiness cookie. // // Names that start with the following prefixes are not allowed: AWSALB, AWSALBAPP, // and AWSALBTG; they're reserved for use by the load balancer. // // Note: `stickinessCookieName` parameter depends on the presence of `stickinessCookieDuration` parameter. // If `stickinessCookieDuration` is not set, `stickinessCookieName` will be omitted. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html // // Default: - If `stickinessCookieDuration` is set, a load-balancer generated cookie is used. Otherwise, no stickiness is defined. // StickinessCookieName *string `field:"optional" json:"stickinessCookieName" yaml:"stickinessCookieName"` // The targets to add to this target group. // // Can be `Instance`, `IPAddress`, or any self-registering load balancing // target. If you use either `Instance` or `IPAddress` as targets, all // target must be of the same type. // Default: - No targets. // Targets *[]IApplicationLoadBalancerTarget `field:"optional" json:"targets" yaml:"targets"` }
Properties for defining an Application Target Group.
Example:
var vpc vpc // Target group with slow start mode enabled tg := elbv2.NewApplicationTargetGroup(this, jsii.String("TG"), &ApplicationTargetGroupProps{ TargetType: elbv2.TargetType_INSTANCE, SlowStart: awscdk.Duration_Seconds(jsii.Number(60)), Port: jsii.Number(80), Vpc: Vpc, })
type AuthenticateOidcOptions ¶
type AuthenticateOidcOptions struct { // The authorization endpoint of the IdP. // // This must be a full URL, including the HTTPS protocol, the domain, and the path. AuthorizationEndpoint *string `field:"required" json:"authorizationEndpoint" yaml:"authorizationEndpoint"` // The OAuth 2.0 client identifier. ClientId *string `field:"required" json:"clientId" yaml:"clientId"` // The OAuth 2.0 client secret. ClientSecret awscdk.SecretValue `field:"required" json:"clientSecret" yaml:"clientSecret"` // The OIDC issuer identifier of the IdP. // // This must be a full URL, including the HTTPS protocol, the domain, and the path. Issuer *string `field:"required" json:"issuer" yaml:"issuer"` // What action to execute next. Next ListenerAction `field:"required" json:"next" yaml:"next"` // The token endpoint of the IdP. // // This must be a full URL, including the HTTPS protocol, the domain, and the path. TokenEndpoint *string `field:"required" json:"tokenEndpoint" yaml:"tokenEndpoint"` // The user info endpoint of the IdP. // // This must be a full URL, including the HTTPS protocol, the domain, and the path. UserInfoEndpoint *string `field:"required" json:"userInfoEndpoint" yaml:"userInfoEndpoint"` // Allow HTTPS outbound traffic to communicate with the IdP. // // Set this property to false if the IP address used for the IdP endpoint is identifiable // and you want to control outbound traffic. // Then allow HTTPS outbound traffic to the IdP's IP address using the listener's `connections` property. // See: https://repost.aws/knowledge-center/elb-configure-authentication-alb // // Default: true. // AllowHttpsOutbound *bool `field:"optional" json:"allowHttpsOutbound" yaml:"allowHttpsOutbound"` // The query parameters (up to 10) to include in the redirect request to the authorization endpoint. // Default: - No extra parameters. // AuthenticationRequestExtraParams *map[string]*string `field:"optional" json:"authenticationRequestExtraParams" yaml:"authenticationRequestExtraParams"` // The behavior if the user is not authenticated. // Default: UnauthenticatedAction.AUTHENTICATE // OnUnauthenticatedRequest UnauthenticatedAction `field:"optional" json:"onUnauthenticatedRequest" yaml:"onUnauthenticatedRequest"` // The set of user claims to be requested from the IdP. // // To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP. // Default: "openid". // Scope *string `field:"optional" json:"scope" yaml:"scope"` // The name of the cookie used to maintain session information. // Default: "AWSELBAuthSessionCookie". // SessionCookieName *string `field:"optional" json:"sessionCookieName" yaml:"sessionCookieName"` // The maximum duration of the authentication session. // Default: Duration.days(7) // SessionTimeout awscdk.Duration `field:"optional" json:"sessionTimeout" yaml:"sessionTimeout"` }
Options for `ListenerAction.authenciateOidc()`.
Example:
var listener applicationListener var myTargetGroup applicationTargetGroup listener.AddAction(jsii.String("DefaultAction"), &AddApplicationActionProps{ Action: elbv2.ListenerAction_AuthenticateOidc(&AuthenticateOidcOptions{ AuthorizationEndpoint: jsii.String("https://example.com/openid"), // Other OIDC properties here ClientId: jsii.String("..."), ClientSecret: awscdk.SecretValue_SecretsManager(jsii.String("...")), Issuer: jsii.String("..."), TokenEndpoint: jsii.String("..."), UserInfoEndpoint: jsii.String("..."), // Next Next: elbv2.ListenerAction_Forward([]iApplicationTargetGroup{ myTargetGroup, }), }), })
type BaseApplicationListenerProps ¶
type BaseApplicationListenerProps struct { // Certificate list of ACM cert ARNs. // // You must provide exactly one certificate if the listener protocol is HTTPS or TLS. // Default: - No certificates. // Certificates *[]IListenerCertificate `field:"optional" json:"certificates" yaml:"certificates"` // Default action to take for requests to this listener. // // This allows full control of the default action of the load balancer, // including Action chaining, fixed responses and redirect responses. // // See the `ListenerAction` class for all options. // // Cannot be specified together with `defaultTargetGroups`. // Default: - None. // DefaultAction ListenerAction `field:"optional" json:"defaultAction" yaml:"defaultAction"` // Default target groups to load balance to. // // All target groups will be load balanced to with equal weight and without // stickiness. For a more complex configuration than that, use // either `defaultAction` or `addAction()`. // // Cannot be specified together with `defaultAction`. // Default: - None. // DefaultTargetGroups *[]IApplicationTargetGroup `field:"optional" json:"defaultTargetGroups" yaml:"defaultTargetGroups"` // The mutual authentication configuration information. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/mutual-authentication.html // // Default: - No mutual authentication configuration. // MutualAuthentication *MutualAuthentication `field:"optional" json:"mutualAuthentication" yaml:"mutualAuthentication"` // Allow anyone to connect to the load balancer on the listener port. // // If this is specified, the load balancer will be opened up to anyone who can reach it. // For internal load balancers this is anyone in the same VPC. For public load // balancers, this is anyone on the internet. // // If you want to be more selective about who can access this load // balancer, set this to `false` and use the listener's `connections` // object to selectively grant access to the load balancer on the listener port. // Default: true. // Open *bool `field:"optional" json:"open" yaml:"open"` // The port on which the listener listens for requests. // Default: - Determined from protocol if known. // Port *float64 `field:"optional" json:"port" yaml:"port"` // The protocol to use. // Default: - Determined from port if known. // Protocol ApplicationProtocol `field:"optional" json:"protocol" yaml:"protocol"` // The security policy that defines which ciphers and protocols are supported. // Default: - The current predefined security policy. // SslPolicy SslPolicy `field:"optional" json:"sslPolicy" yaml:"sslPolicy"` }
Basic properties for an ApplicationListener.
Example:
var cluster cluster var taskDefinition taskDefinition var vpc vpc service := ecs.NewFargateService(this, jsii.String("Service"), &FargateServiceProps{ Cluster: Cluster, TaskDefinition: TaskDefinition, }) lb := elbv2.NewApplicationLoadBalancer(this, jsii.String("LB"), &ApplicationLoadBalancerProps{ Vpc: Vpc, InternetFacing: jsii.Boolean(true), }) listener := lb.AddListener(jsii.String("Listener"), &BaseApplicationListenerProps{ Port: jsii.Number(80), }) service.RegisterLoadBalancerTargets(&EcsTarget{ ContainerName: jsii.String("web"), ContainerPort: jsii.Number(80), NewTargetGroupId: jsii.String("ECS"), Listener: ecs.ListenerConfig_ApplicationListener(listener, &AddApplicationTargetsProps{ Protocol: elbv2.ApplicationProtocol_HTTPS, }), })
type BaseApplicationListenerRuleProps ¶
type BaseApplicationListenerRuleProps struct { // Priority of the rule. // // The rule with the lowest priority will be used for every request. // // Priorities must be unique. Priority *float64 `field:"required" json:"priority" yaml:"priority"` // Action to perform when requests are received. // // Only one of `action`, `fixedResponse`, `redirectResponse` or `targetGroups` can be specified. // Default: - No action. // Action ListenerAction `field:"optional" json:"action" yaml:"action"` // Rule applies if matches the conditions. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html // // Default: - No conditions. // Conditions *[]ListenerCondition `field:"optional" json:"conditions" yaml:"conditions"` // Target groups to forward requests to. // // Only one of `action`, `fixedResponse`, `redirectResponse` or `targetGroups` can be specified. // // Implies a `forward` action. // Default: - No target groups. // TargetGroups *[]IApplicationTargetGroup `field:"optional" json:"targetGroups" yaml:"targetGroups"` }
Basic properties for defining a rule on a listener.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var applicationTargetGroup applicationTargetGroup var listenerAction listenerAction var listenerCondition listenerCondition baseApplicationListenerRuleProps := &BaseApplicationListenerRuleProps{ Priority: jsii.Number(123), // the properties below are optional Action: listenerAction, Conditions: []*listenerCondition{ listenerCondition, }, TargetGroups: []iApplicationTargetGroup{ applicationTargetGroup, }, }
type BaseListener ¶
type BaseListener interface { awscdk.Resource IListener // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. Env() *awscdk.ResourceEnvironment // ARN of the listener. ListenerArn() *string // The tree node. Node() constructs.Node // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. PhysicalName() *string // The stack in which this resource is defined. Stack() awscdk.Stack // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). ApplyRemovalPolicy(policy awscdk.RemovalPolicy) GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. GetResourceNameAttribute(nameAttr *string) *string // Returns a string representation of this construct. ToString() *string // Validate this listener. ValidateListener() *[]*string }
Base class for listeners.
type BaseListenerLookupOptions ¶
type BaseListenerLookupOptions struct { // Filter listeners by listener port. // Default: - does not filter by listener port. // ListenerPort *float64 `field:"optional" json:"listenerPort" yaml:"listenerPort"` // Filter listeners by associated load balancer arn. // Default: - does not filter by load balancer arn. // LoadBalancerArn *string `field:"optional" json:"loadBalancerArn" yaml:"loadBalancerArn"` // Filter listeners by associated load balancer tags. // Default: - does not filter by load balancer tags. // LoadBalancerTags *map[string]*string `field:"optional" json:"loadBalancerTags" yaml:"loadBalancerTags"` }
Options for listener lookup.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" baseListenerLookupOptions := &BaseListenerLookupOptions{ ListenerPort: jsii.Number(123), LoadBalancerArn: jsii.String("loadBalancerArn"), LoadBalancerTags: map[string]*string{ "loadBalancerTagsKey": jsii.String("loadBalancerTags"), }, }
type BaseLoadBalancer ¶
type BaseLoadBalancer interface { awscdk.Resource // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. Env() *awscdk.ResourceEnvironment // The ARN of this load balancer. // // Example value: `arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-internal-load-balancer/50dc6c495c0c9188`. LoadBalancerArn() *string // The canonical hosted zone ID of this load balancer. // // Example value: `Z2P70J7EXAMPLE`. LoadBalancerCanonicalHostedZoneId() *string // The DNS name of this load balancer. // // Example value: `my-load-balancer-424835706.us-west-2.elb.amazonaws.com` LoadBalancerDnsName() *string // The full name of this load balancer. // // Example value: `app/my-load-balancer/50dc6c495c0c9188`. LoadBalancerFullName() *string // The name of this load balancer. // // Example value: `my-load-balancer`. LoadBalancerName() *string LoadBalancerSecurityGroups() *[]*string // The tree node. Node() constructs.Node // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. PhysicalName() *string // The stack in which this resource is defined. Stack() awscdk.Stack // The VPC this load balancer has been created in. // // This property is always defined (not `null` or `undefined`) for sub-classes of `BaseLoadBalancer`. Vpc() awsec2.IVpc // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). ApplyRemovalPolicy(policy awscdk.RemovalPolicy) GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. GetResourceNameAttribute(nameAttr *string) *string // Enable access logging for this load balancer. // // A region must be specified on the stack containing the load balancer; you cannot enable logging on // environment-agnostic stacks. See https://docs.aws.amazon.com/cdk/latest/guide/environments.html LogAccessLogs(bucket awss3.IBucket, prefix *string) // Remove an attribute from the load balancer. RemoveAttribute(key *string) ResourcePolicyPrincipal() awsiam.IPrincipal // Set a non-standard attribute on the load balancer. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#load-balancer-attributes // SetAttribute(key *string, value *string) // Returns a string representation of this construct. ToString() *string ValidateLoadBalancer() *[]*string }
Base class for both Application and Network Load Balancers.
type BaseLoadBalancerLookupOptions ¶
type BaseLoadBalancerLookupOptions struct { // Find by load balancer's ARN. // Default: - does not search by load balancer arn. // LoadBalancerArn *string `field:"optional" json:"loadBalancerArn" yaml:"loadBalancerArn"` // Match load balancer tags. // Default: - does not match load balancers by tags. // LoadBalancerTags *map[string]*string `field:"optional" json:"loadBalancerTags" yaml:"loadBalancerTags"` }
Options for looking up load balancers.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" baseLoadBalancerLookupOptions := &BaseLoadBalancerLookupOptions{ LoadBalancerArn: jsii.String("loadBalancerArn"), LoadBalancerTags: map[string]*string{ "loadBalancerTagsKey": jsii.String("loadBalancerTags"), }, }
type BaseLoadBalancerProps ¶
type BaseLoadBalancerProps struct { // The VPC network to place the load balancer in. Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"` // Indicates whether cross-zone load balancing is enabled. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattribute.html // // Default: - false for Network Load Balancers and true for Application Load Balancers. // This can not be `false` for Application Load Balancers. // CrossZoneEnabled *bool `field:"optional" json:"crossZoneEnabled" yaml:"crossZoneEnabled"` // Indicates whether deletion protection is enabled. // Default: false. // DeletionProtection *bool `field:"optional" json:"deletionProtection" yaml:"deletionProtection"` // Indicates whether the load balancer blocks traffic through the Internet Gateway (IGW). // Default: - false for internet-facing load balancers and true for internal load balancers. // DenyAllIgwTraffic *bool `field:"optional" json:"denyAllIgwTraffic" yaml:"denyAllIgwTraffic"` // Whether the load balancer has an internet-routable address. // Default: false. // InternetFacing *bool `field:"optional" json:"internetFacing" yaml:"internetFacing"` // Name of the load balancer. // Default: - Automatically generated name. // LoadBalancerName *string `field:"optional" json:"loadBalancerName" yaml:"loadBalancerName"` // Which subnets place the load balancer in. // Default: - the Vpc default strategy. // VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"` }
Shared properties of both Application and Network Load Balancers.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" var subnet subnet var subnetFilter subnetFilter var vpc vpc baseLoadBalancerProps := &BaseLoadBalancerProps{ Vpc: vpc, // the properties below are optional CrossZoneEnabled: jsii.Boolean(false), DeletionProtection: jsii.Boolean(false), DenyAllIgwTraffic: jsii.Boolean(false), InternetFacing: jsii.Boolean(false), LoadBalancerName: jsii.String("loadBalancerName"), VpcSubnets: &SubnetSelection{ AvailabilityZones: []*string{ jsii.String("availabilityZones"), }, OnePerAz: jsii.Boolean(false), SubnetFilters: []*subnetFilter{ subnetFilter, }, SubnetGroupName: jsii.String("subnetGroupName"), Subnets: []iSubnet{ subnet, }, SubnetType: awscdk.Aws_ec2.SubnetType_PRIVATE_ISOLATED, }, }
type BaseNetworkListenerProps ¶
type BaseNetworkListenerProps struct { // The port on which the listener listens for requests. Port *float64 `field:"required" json:"port" yaml:"port"` // Application-Layer Protocol Negotiation (ALPN) is a TLS extension that is sent on the initial TLS handshake hello messages. // // ALPN enables the application layer to negotiate which protocols should be used over a secure connection, such as HTTP/1 and HTTP/2. // // Can only be specified together with Protocol TLS. // Default: - None. // AlpnPolicy AlpnPolicy `field:"optional" json:"alpnPolicy" yaml:"alpnPolicy"` // Certificate list of ACM cert ARNs. // // You must provide exactly one certificate if the listener protocol is HTTPS or TLS. // Default: - No certificates. // Certificates *[]IListenerCertificate `field:"optional" json:"certificates" yaml:"certificates"` // Default action to take for requests to this listener. // // This allows full control of the default Action of the load balancer, // including weighted forwarding. See the `NetworkListenerAction` class for // all options. // // Cannot be specified together with `defaultTargetGroups`. // Default: - None. // DefaultAction NetworkListenerAction `field:"optional" json:"defaultAction" yaml:"defaultAction"` // Default target groups to load balance to. // // All target groups will be load balanced to with equal weight and without // stickiness. For a more complex configuration than that, use // either `defaultAction` or `addAction()`. // // Cannot be specified together with `defaultAction`. // Default: - None. // DefaultTargetGroups *[]INetworkTargetGroup `field:"optional" json:"defaultTargetGroups" yaml:"defaultTargetGroups"` // Protocol for listener, expects TCP, TLS, UDP, or TCP_UDP. // Default: - TLS if certificates are provided. TCP otherwise. // Protocol Protocol `field:"optional" json:"protocol" yaml:"protocol"` // SSL Policy. // Default: - Current predefined security policy. // SslPolicy SslPolicy `field:"optional" json:"sslPolicy" yaml:"sslPolicy"` }
Basic properties for a Network Listener.
Example:
import elb "github.com/aws/aws-cdk-go/awscdk" import elb2 "github.com/aws/aws-cdk-go/awscdk" var clb loadBalancer var alb applicationLoadBalancer var nlb networkLoadBalancer albListener := alb.AddListener(jsii.String("ALBListener"), &BaseApplicationListenerProps{ Port: jsii.Number(80), }) albTargetGroup := albListener.AddTargets(jsii.String("ALBFleet"), &AddApplicationTargetsProps{ Port: jsii.Number(80), }) nlbListener := nlb.AddListener(jsii.String("NLBListener"), &BaseNetworkListenerProps{ Port: jsii.Number(80), }) nlbTargetGroup := nlbListener.AddTargets(jsii.String("NLBFleet"), &AddNetworkTargetsProps{ Port: jsii.Number(80), }) deploymentGroup := codedeploy.NewServerDeploymentGroup(this, jsii.String("DeploymentGroup"), &ServerDeploymentGroupProps{ LoadBalancers: []loadBalancer{ codedeploy.*loadBalancer_Classic(clb), codedeploy.*loadBalancer_Application(albTargetGroup), codedeploy.*loadBalancer_Network(nlbTargetGroup), }, })
type BaseTargetGroupProps ¶
type BaseTargetGroupProps struct { // The amount of time for Elastic Load Balancing to wait before deregistering a target. // // The range is 0-3600 seconds. // Default: 300. // DeregistrationDelay awscdk.Duration `field:"optional" json:"deregistrationDelay" yaml:"deregistrationDelay"` // Health check configuration. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#aws-resource-elasticloadbalancingv2-targetgroup-properties // // Default: - The default value for each property in this configuration varies depending on the target. // HealthCheck *HealthCheck `field:"optional" json:"healthCheck" yaml:"healthCheck"` // The name of the target group. // // This name must be unique per region per account, can have a maximum of // 32 characters, must contain only alphanumeric characters or hyphens, and // must not begin or end with a hyphen. // Default: - Automatically generated. // TargetGroupName *string `field:"optional" json:"targetGroupName" yaml:"targetGroupName"` // The type of targets registered to this TargetGroup, either IP or Instance. // // All targets registered into the group must be of this type. If you // register targets to the TargetGroup in the CDK app, the TargetType is // determined automatically. // Default: - Determined automatically. // TargetType TargetType `field:"optional" json:"targetType" yaml:"targetType"` // The virtual private cloud (VPC). // // only if `TargetType` is `Ip` or `InstanceId`. // Default: - undefined. // Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"` }
Basic properties of both Application and Network Target Groups.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" var vpc vpc baseTargetGroupProps := &BaseTargetGroupProps{ DeregistrationDelay: cdk.Duration_Minutes(jsii.Number(30)), HealthCheck: &HealthCheck{ Enabled: jsii.Boolean(false), HealthyGrpcCodes: jsii.String("healthyGrpcCodes"), HealthyHttpCodes: jsii.String("healthyHttpCodes"), HealthyThresholdCount: jsii.Number(123), Interval: cdk.Duration_*Minutes(jsii.Number(30)), Path: jsii.String("path"), Port: jsii.String("port"), Protocol: awscdk.Aws_elasticloadbalancingv2.Protocol_HTTP, Timeout: cdk.Duration_*Minutes(jsii.Number(30)), UnhealthyThresholdCount: jsii.Number(123), }, TargetGroupName: jsii.String("targetGroupName"), TargetType: awscdk.*Aws_elasticloadbalancingv2.TargetType_INSTANCE, Vpc: vpc, }
type CfnListener ¶
type CfnListener interface { awscdk.CfnResource awscdk.IInspectable // [TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy. AlpnPolicy() *[]*string SetAlpnPolicy(val *[]*string) // The Amazon Resource Name (ARN) of the listener. AttrListenerArn() *string // The default SSL server certificate for a secure listener. Certificates() interface{} SetCertificates(val interface{}) // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // The actions for the default rule. // // You cannot define a condition for a default rule. DefaultActions() interface{} SetDefaultActions(val interface{}) // The Amazon Resource Name (ARN) of the load balancer. LoadBalancerArn() *string SetLoadBalancerArn(val *string) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string // The mutual authentication configuration information. MutualAuthentication() interface{} SetMutualAuthentication(val interface{}) // The tree node. Node() constructs.Node // The port on which the load balancer is listening. Port() *float64 SetPort(val *float64) // The protocol for connections from clients to the load balancer. Protocol() *string SetProtocol(val *string) // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // [HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported. SslPolicy() *string SetSslPolicy(val *string) // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) }
Specifies a listener for an Application Load Balancer, Network Load Balancer, or Gateway Load Balancer.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnListener := awscdk.Aws_elasticloadbalancingv2.NewCfnListener(this, jsii.String("MyCfnListener"), &CfnListenerProps{ DefaultActions: []interface{}{ &ActionProperty{ Type: jsii.String("type"), // the properties below are optional AuthenticateCognitoConfig: &AuthenticateCognitoConfigProperty{ UserPoolArn: jsii.String("userPoolArn"), UserPoolClientId: jsii.String("userPoolClientId"), UserPoolDomain: jsii.String("userPoolDomain"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.String("sessionTimeout"), }, AuthenticateOidcConfig: &AuthenticateOidcConfigProperty{ AuthorizationEndpoint: jsii.String("authorizationEndpoint"), ClientId: jsii.String("clientId"), Issuer: jsii.String("issuer"), TokenEndpoint: jsii.String("tokenEndpoint"), UserInfoEndpoint: jsii.String("userInfoEndpoint"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, ClientSecret: jsii.String("clientSecret"), OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.String("sessionTimeout"), UseExistingClientSecret: jsii.Boolean(false), }, FixedResponseConfig: &FixedResponseConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional ContentType: jsii.String("contentType"), MessageBody: jsii.String("messageBody"), }, ForwardConfig: &ForwardConfigProperty{ TargetGroups: []interface{}{ &TargetGroupTupleProperty{ TargetGroupArn: jsii.String("targetGroupArn"), Weight: jsii.Number(123), }, }, TargetGroupStickinessConfig: &TargetGroupStickinessConfigProperty{ DurationSeconds: jsii.Number(123), Enabled: jsii.Boolean(false), }, }, Order: jsii.Number(123), RedirectConfig: &RedirectConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional Host: jsii.String("host"), Path: jsii.String("path"), Port: jsii.String("port"), Protocol: jsii.String("protocol"), Query: jsii.String("query"), }, TargetGroupArn: jsii.String("targetGroupArn"), }, }, LoadBalancerArn: jsii.String("loadBalancerArn"), // the properties below are optional AlpnPolicy: []*string{ jsii.String("alpnPolicy"), }, Certificates: []interface{}{ &CertificateProperty{ CertificateArn: jsii.String("certificateArn"), }, }, MutualAuthentication: &MutualAuthenticationProperty{ IgnoreClientCertificateExpiry: jsii.Boolean(false), Mode: jsii.String("mode"), TrustStoreArn: jsii.String("trustStoreArn"), }, Port: jsii.Number(123), Protocol: jsii.String("protocol"), SslPolicy: jsii.String("sslPolicy"), })
func NewCfnListener ¶
func NewCfnListener(scope constructs.Construct, id *string, props *CfnListenerProps) CfnListener
type CfnListenerCertificate ¶
type CfnListenerCertificate interface { awscdk.CfnResource awscdk.IInspectable AttrId() *string // The certificate. Certificates() interface{} SetCertificates(val interface{}) // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // The Amazon Resource Name (ARN) of the listener. ListenerArn() *string SetListenerArn(val *string) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string // The tree node. Node() constructs.Node // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) }
Specifies an SSL server certificate to add to the certificate list for an HTTPS or TLS listener.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnListenerCertificate := awscdk.Aws_elasticloadbalancingv2.NewCfnListenerCertificate(this, jsii.String("MyCfnListenerCertificate"), &CfnListenerCertificateProps{ Certificates: []interface{}{ &CertificateProperty{ CertificateArn: jsii.String("certificateArn"), }, }, ListenerArn: jsii.String("listenerArn"), })
func NewCfnListenerCertificate ¶
func NewCfnListenerCertificate(scope constructs.Construct, id *string, props *CfnListenerCertificateProps) CfnListenerCertificate
type CfnListenerCertificateProps ¶
type CfnListenerCertificateProps struct { // The certificate. // // You can specify one certificate per resource. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html#cfn-elasticloadbalancingv2-listenercertificate-certificates // Certificates interface{} `field:"required" json:"certificates" yaml:"certificates"` // The Amazon Resource Name (ARN) of the listener. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html#cfn-elasticloadbalancingv2-listenercertificate-listenerarn // ListenerArn *string `field:"required" json:"listenerArn" yaml:"listenerArn"` }
Properties for defining a `CfnListenerCertificate`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnListenerCertificateProps := &CfnListenerCertificateProps{ Certificates: []interface{}{ &CertificateProperty{ CertificateArn: jsii.String("certificateArn"), }, }, ListenerArn: jsii.String("listenerArn"), }
type CfnListenerCertificate_CertificateProperty ¶
type CfnListenerCertificate_CertificateProperty struct { // The Amazon Resource Name (ARN) of the certificate. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenercertificate-certificate.html#cfn-elasticloadbalancingv2-listenercertificate-certificate-certificatearn // CertificateArn *string `field:"optional" json:"certificateArn" yaml:"certificateArn"` }
Specifies an SSL server certificate for the certificate list of a secure listener.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" certificateProperty := &CertificateProperty{ CertificateArn: jsii.String("certificateArn"), }
type CfnListenerProps ¶
type CfnListenerProps struct { // The actions for the default rule. You cannot define a condition for a default rule. // // To create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html) . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listener.html#cfn-elasticloadbalancingv2-listener-defaultactions // DefaultActions interface{} `field:"required" json:"defaultActions" yaml:"defaultActions"` // The Amazon Resource Name (ARN) of the load balancer. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listener.html#cfn-elasticloadbalancingv2-listener-loadbalancerarn // LoadBalancerArn *string `field:"required" json:"loadBalancerArn" yaml:"loadBalancerArn"` // [TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listener.html#cfn-elasticloadbalancingv2-listener-alpnpolicy // AlpnPolicy *[]*string `field:"optional" json:"alpnPolicy" yaml:"alpnPolicy"` // The default SSL server certificate for a secure listener. // // You must provide exactly one certificate if the listener protocol is HTTPS or TLS. // // To create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html) . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listener.html#cfn-elasticloadbalancingv2-listener-certificates // Certificates interface{} `field:"optional" json:"certificates" yaml:"certificates"` // The mutual authentication configuration information. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listener.html#cfn-elasticloadbalancingv2-listener-mutualauthentication // MutualAuthentication interface{} `field:"optional" json:"mutualAuthentication" yaml:"mutualAuthentication"` // The port on which the load balancer is listening. // // You cannot specify a port for a Gateway Load Balancer. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listener.html#cfn-elasticloadbalancingv2-listener-port // Port *float64 `field:"optional" json:"port" yaml:"port"` // The protocol for connections from clients to the load balancer. // // For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can’t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You cannot specify a protocol for a Gateway Load Balancer. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listener.html#cfn-elasticloadbalancingv2-listener-protocol // Protocol *string `field:"optional" json:"protocol" yaml:"protocol"` // [HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported. // // Updating the security policy can result in interruptions if the load balancer is handling a high volume of traffic. // // For more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies) in the *Network Load Balancers Guide* . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listener.html#cfn-elasticloadbalancingv2-listener-sslpolicy // SslPolicy *string `field:"optional" json:"sslPolicy" yaml:"sslPolicy"` }
Properties for defining a `CfnListener`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnListenerProps := &CfnListenerProps{ DefaultActions: []interface{}{ &ActionProperty{ Type: jsii.String("type"), // the properties below are optional AuthenticateCognitoConfig: &AuthenticateCognitoConfigProperty{ UserPoolArn: jsii.String("userPoolArn"), UserPoolClientId: jsii.String("userPoolClientId"), UserPoolDomain: jsii.String("userPoolDomain"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.String("sessionTimeout"), }, AuthenticateOidcConfig: &AuthenticateOidcConfigProperty{ AuthorizationEndpoint: jsii.String("authorizationEndpoint"), ClientId: jsii.String("clientId"), Issuer: jsii.String("issuer"), TokenEndpoint: jsii.String("tokenEndpoint"), UserInfoEndpoint: jsii.String("userInfoEndpoint"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, ClientSecret: jsii.String("clientSecret"), OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.String("sessionTimeout"), UseExistingClientSecret: jsii.Boolean(false), }, FixedResponseConfig: &FixedResponseConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional ContentType: jsii.String("contentType"), MessageBody: jsii.String("messageBody"), }, ForwardConfig: &ForwardConfigProperty{ TargetGroups: []interface{}{ &TargetGroupTupleProperty{ TargetGroupArn: jsii.String("targetGroupArn"), Weight: jsii.Number(123), }, }, TargetGroupStickinessConfig: &TargetGroupStickinessConfigProperty{ DurationSeconds: jsii.Number(123), Enabled: jsii.Boolean(false), }, }, Order: jsii.Number(123), RedirectConfig: &RedirectConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional Host: jsii.String("host"), Path: jsii.String("path"), Port: jsii.String("port"), Protocol: jsii.String("protocol"), Query: jsii.String("query"), }, TargetGroupArn: jsii.String("targetGroupArn"), }, }, LoadBalancerArn: jsii.String("loadBalancerArn"), // the properties below are optional AlpnPolicy: []*string{ jsii.String("alpnPolicy"), }, Certificates: []interface{}{ &CertificateProperty{ CertificateArn: jsii.String("certificateArn"), }, }, MutualAuthentication: &MutualAuthenticationProperty{ IgnoreClientCertificateExpiry: jsii.Boolean(false), Mode: jsii.String("mode"), TrustStoreArn: jsii.String("trustStoreArn"), }, Port: jsii.Number(123), Protocol: jsii.String("protocol"), SslPolicy: jsii.String("sslPolicy"), }
type CfnListenerRule ¶
type CfnListenerRule interface { awscdk.CfnResource awscdk.IInspectable // The actions. Actions() interface{} SetActions(val interface{}) // Indicates whether this is the default rule. AttrIsDefault() awscdk.IResolvable // The Amazon Resource Name (ARN) of the rule. AttrRuleArn() *string // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // The conditions. Conditions() interface{} SetConditions(val interface{}) // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // The Amazon Resource Name (ARN) of the listener. ListenerArn() *string SetListenerArn(val *string) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string // The tree node. Node() constructs.Node // The rule priority. // // A listener can't have multiple rules with the same priority. Priority() *float64 SetPriority(val *float64) // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) }
Specifies a listener rule.
The listener must be associated with an Application Load Balancer. Each rule consists of a priority, one or more actions, and one or more conditions.
For more information, see [Quotas for your Application Load Balancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-limits.html) in the *User Guide for Application Load Balancers* .
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnListenerRule := awscdk.Aws_elasticloadbalancingv2.NewCfnListenerRule(this, jsii.String("MyCfnListenerRule"), &CfnListenerRuleProps{ Actions: []interface{}{ &ActionProperty{ Type: jsii.String("type"), // the properties below are optional AuthenticateCognitoConfig: &AuthenticateCognitoConfigProperty{ UserPoolArn: jsii.String("userPoolArn"), UserPoolClientId: jsii.String("userPoolClientId"), UserPoolDomain: jsii.String("userPoolDomain"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.Number(123), }, AuthenticateOidcConfig: &AuthenticateOidcConfigProperty{ AuthorizationEndpoint: jsii.String("authorizationEndpoint"), ClientId: jsii.String("clientId"), Issuer: jsii.String("issuer"), TokenEndpoint: jsii.String("tokenEndpoint"), UserInfoEndpoint: jsii.String("userInfoEndpoint"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, ClientSecret: jsii.String("clientSecret"), OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.Number(123), UseExistingClientSecret: jsii.Boolean(false), }, FixedResponseConfig: &FixedResponseConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional ContentType: jsii.String("contentType"), MessageBody: jsii.String("messageBody"), }, ForwardConfig: &ForwardConfigProperty{ TargetGroups: []interface{}{ &TargetGroupTupleProperty{ TargetGroupArn: jsii.String("targetGroupArn"), Weight: jsii.Number(123), }, }, TargetGroupStickinessConfig: &TargetGroupStickinessConfigProperty{ DurationSeconds: jsii.Number(123), Enabled: jsii.Boolean(false), }, }, Order: jsii.Number(123), RedirectConfig: &RedirectConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional Host: jsii.String("host"), Path: jsii.String("path"), Port: jsii.String("port"), Protocol: jsii.String("protocol"), Query: jsii.String("query"), }, TargetGroupArn: jsii.String("targetGroupArn"), }, }, Conditions: []interface{}{ &RuleConditionProperty{ Field: jsii.String("field"), HostHeaderConfig: &HostHeaderConfigProperty{ Values: []*string{ jsii.String("values"), }, }, HttpHeaderConfig: &HttpHeaderConfigProperty{ HttpHeaderName: jsii.String("httpHeaderName"), Values: []*string{ jsii.String("values"), }, }, HttpRequestMethodConfig: &HttpRequestMethodConfigProperty{ Values: []*string{ jsii.String("values"), }, }, PathPatternConfig: &PathPatternConfigProperty{ Values: []*string{ jsii.String("values"), }, }, QueryStringConfig: &QueryStringConfigProperty{ Values: []interface{}{ &QueryStringKeyValueProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, }, SourceIpConfig: &SourceIpConfigProperty{ Values: []*string{ jsii.String("values"), }, }, Values: []*string{ jsii.String("values"), }, }, }, Priority: jsii.Number(123), // the properties below are optional ListenerArn: jsii.String("listenerArn"), })
func NewCfnListenerRule ¶
func NewCfnListenerRule(scope constructs.Construct, id *string, props *CfnListenerRuleProps) CfnListenerRule
type CfnListenerRuleProps ¶
type CfnListenerRuleProps struct { // The actions. // // The rule must include exactly one of the following types of actions: `forward` , `fixed-response` , or `redirect` , and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html#cfn-elasticloadbalancingv2-listenerrule-actions // Actions interface{} `field:"required" json:"actions" yaml:"actions"` // The conditions. // // The rule can optionally include up to one of each of the following conditions: `http-request-method` , `host-header` , `path-pattern` , and `source-ip` . A rule can also optionally include one or more of each of the following conditions: `http-header` and `query-string` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html#cfn-elasticloadbalancingv2-listenerrule-conditions // Conditions interface{} `field:"required" json:"conditions" yaml:"conditions"` // The rule priority. A listener can't have multiple rules with the same priority. // // If you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html#cfn-elasticloadbalancingv2-listenerrule-priority // Priority *float64 `field:"required" json:"priority" yaml:"priority"` // The Amazon Resource Name (ARN) of the listener. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html#cfn-elasticloadbalancingv2-listenerrule-listenerarn // ListenerArn *string `field:"optional" json:"listenerArn" yaml:"listenerArn"` }
Properties for defining a `CfnListenerRule`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnListenerRuleProps := &CfnListenerRuleProps{ Actions: []interface{}{ &ActionProperty{ Type: jsii.String("type"), // the properties below are optional AuthenticateCognitoConfig: &AuthenticateCognitoConfigProperty{ UserPoolArn: jsii.String("userPoolArn"), UserPoolClientId: jsii.String("userPoolClientId"), UserPoolDomain: jsii.String("userPoolDomain"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.Number(123), }, AuthenticateOidcConfig: &AuthenticateOidcConfigProperty{ AuthorizationEndpoint: jsii.String("authorizationEndpoint"), ClientId: jsii.String("clientId"), Issuer: jsii.String("issuer"), TokenEndpoint: jsii.String("tokenEndpoint"), UserInfoEndpoint: jsii.String("userInfoEndpoint"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, ClientSecret: jsii.String("clientSecret"), OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.Number(123), UseExistingClientSecret: jsii.Boolean(false), }, FixedResponseConfig: &FixedResponseConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional ContentType: jsii.String("contentType"), MessageBody: jsii.String("messageBody"), }, ForwardConfig: &ForwardConfigProperty{ TargetGroups: []interface{}{ &TargetGroupTupleProperty{ TargetGroupArn: jsii.String("targetGroupArn"), Weight: jsii.Number(123), }, }, TargetGroupStickinessConfig: &TargetGroupStickinessConfigProperty{ DurationSeconds: jsii.Number(123), Enabled: jsii.Boolean(false), }, }, Order: jsii.Number(123), RedirectConfig: &RedirectConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional Host: jsii.String("host"), Path: jsii.String("path"), Port: jsii.String("port"), Protocol: jsii.String("protocol"), Query: jsii.String("query"), }, TargetGroupArn: jsii.String("targetGroupArn"), }, }, Conditions: []interface{}{ &RuleConditionProperty{ Field: jsii.String("field"), HostHeaderConfig: &HostHeaderConfigProperty{ Values: []*string{ jsii.String("values"), }, }, HttpHeaderConfig: &HttpHeaderConfigProperty{ HttpHeaderName: jsii.String("httpHeaderName"), Values: []*string{ jsii.String("values"), }, }, HttpRequestMethodConfig: &HttpRequestMethodConfigProperty{ Values: []*string{ jsii.String("values"), }, }, PathPatternConfig: &PathPatternConfigProperty{ Values: []*string{ jsii.String("values"), }, }, QueryStringConfig: &QueryStringConfigProperty{ Values: []interface{}{ &QueryStringKeyValueProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, }, SourceIpConfig: &SourceIpConfigProperty{ Values: []*string{ jsii.String("values"), }, }, Values: []*string{ jsii.String("values"), }, }, }, Priority: jsii.Number(123), // the properties below are optional ListenerArn: jsii.String("listenerArn"), }
type CfnListenerRule_ActionProperty ¶
type CfnListenerRule_ActionProperty struct { // The type of action. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-type // Type *string `field:"required" json:"type" yaml:"type"` // [HTTPS listeners] Information for using Amazon Cognito to authenticate users. // // Specify only when `Type` is `authenticate-cognito` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-authenticatecognitoconfig // AuthenticateCognitoConfig interface{} `field:"optional" json:"authenticateCognitoConfig" yaml:"authenticateCognitoConfig"` // [HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). // // Specify only when `Type` is `authenticate-oidc` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-authenticateoidcconfig // AuthenticateOidcConfig interface{} `field:"optional" json:"authenticateOidcConfig" yaml:"authenticateOidcConfig"` // [Application Load Balancer] Information for creating an action that returns a custom HTTP response. // // Specify only when `Type` is `fixed-response` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-fixedresponseconfig // FixedResponseConfig interface{} `field:"optional" json:"fixedResponseConfig" yaml:"fixedResponseConfig"` // Information for creating an action that distributes requests among one or more target groups. // // For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-forwardconfig // ForwardConfig interface{} `field:"optional" json:"forwardConfig" yaml:"forwardConfig"` // The order for the action. // // This value is required for rules with multiple actions. The action with the lowest value for order is performed first. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-order // Order *float64 `field:"optional" json:"order" yaml:"order"` // [Application Load Balancer] Information for creating a redirect action. // // Specify only when `Type` is `redirect` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-redirectconfig // RedirectConfig interface{} `field:"optional" json:"redirectConfig" yaml:"redirectConfig"` // The Amazon Resource Name (ARN) of the target group. // // Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-action.html#cfn-elasticloadbalancingv2-listenerrule-action-targetgrouparn // TargetGroupArn *string `field:"optional" json:"targetGroupArn" yaml:"targetGroupArn"` }
Specifies an action for a listener rule.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" actionProperty := &ActionProperty{ Type: jsii.String("type"), // the properties below are optional AuthenticateCognitoConfig: &AuthenticateCognitoConfigProperty{ UserPoolArn: jsii.String("userPoolArn"), UserPoolClientId: jsii.String("userPoolClientId"), UserPoolDomain: jsii.String("userPoolDomain"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.Number(123), }, AuthenticateOidcConfig: &AuthenticateOidcConfigProperty{ AuthorizationEndpoint: jsii.String("authorizationEndpoint"), ClientId: jsii.String("clientId"), Issuer: jsii.String("issuer"), TokenEndpoint: jsii.String("tokenEndpoint"), UserInfoEndpoint: jsii.String("userInfoEndpoint"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, ClientSecret: jsii.String("clientSecret"), OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.Number(123), UseExistingClientSecret: jsii.Boolean(false), }, FixedResponseConfig: &FixedResponseConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional ContentType: jsii.String("contentType"), MessageBody: jsii.String("messageBody"), }, ForwardConfig: &ForwardConfigProperty{ TargetGroups: []interface{}{ &TargetGroupTupleProperty{ TargetGroupArn: jsii.String("targetGroupArn"), Weight: jsii.Number(123), }, }, TargetGroupStickinessConfig: &TargetGroupStickinessConfigProperty{ DurationSeconds: jsii.Number(123), Enabled: jsii.Boolean(false), }, }, Order: jsii.Number(123), RedirectConfig: &RedirectConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional Host: jsii.String("host"), Path: jsii.String("path"), Port: jsii.String("port"), Protocol: jsii.String("protocol"), Query: jsii.String("query"), }, TargetGroupArn: jsii.String("targetGroupArn"), }
type CfnListenerRule_AuthenticateCognitoConfigProperty ¶
type CfnListenerRule_AuthenticateCognitoConfigProperty struct { // The Amazon Resource Name (ARN) of the Amazon Cognito user pool. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig-userpoolarn // UserPoolArn *string `field:"required" json:"userPoolArn" yaml:"userPoolArn"` // The ID of the Amazon Cognito user pool client. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig-userpoolclientid // UserPoolClientId *string `field:"required" json:"userPoolClientId" yaml:"userPoolClientId"` // The domain prefix or fully-qualified domain name of the Amazon Cognito user pool. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig-userpooldomain // UserPoolDomain *string `field:"required" json:"userPoolDomain" yaml:"userPoolDomain"` // The query parameters (up to 10) to include in the redirect request to the authorization endpoint. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig-authenticationrequestextraparams // AuthenticationRequestExtraParams interface{} `field:"optional" json:"authenticationRequestExtraParams" yaml:"authenticationRequestExtraParams"` // The behavior if the user is not authenticated. The following are possible values:. // // - deny “ - Return an HTTP 401 Unauthorized error. // - allow “ - Allow the request to be forwarded to the target. // - authenticate “ - Redirect the request to the IdP authorization endpoint. This is the default value. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig-onunauthenticatedrequest // OnUnauthenticatedRequest *string `field:"optional" json:"onUnauthenticatedRequest" yaml:"onUnauthenticatedRequest"` // The set of user claims to be requested from the IdP. The default is `openid` . // // To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig-scope // Scope *string `field:"optional" json:"scope" yaml:"scope"` // The name of the cookie used to maintain session information. // // The default is AWSELBAuthSessionCookie. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig-sessioncookiename // SessionCookieName *string `field:"optional" json:"sessionCookieName" yaml:"sessionCookieName"` // The maximum duration of the authentication session, in seconds. // // The default is 604800 seconds (7 days). // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticatecognitoconfig-sessiontimeout // SessionTimeout *float64 `field:"optional" json:"sessionTimeout" yaml:"sessionTimeout"` }
Specifies information required when integrating with Amazon Cognito to authenticate users.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" authenticateCognitoConfigProperty := &AuthenticateCognitoConfigProperty{ UserPoolArn: jsii.String("userPoolArn"), UserPoolClientId: jsii.String("userPoolClientId"), UserPoolDomain: jsii.String("userPoolDomain"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.Number(123), }
type CfnListenerRule_AuthenticateOidcConfigProperty ¶
type CfnListenerRule_AuthenticateOidcConfigProperty struct { // The authorization endpoint of the IdP. // // This must be a full URL, including the HTTPS protocol, the domain, and the path. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-authorizationendpoint // AuthorizationEndpoint *string `field:"required" json:"authorizationEndpoint" yaml:"authorizationEndpoint"` // The OAuth 2.0 client identifier. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-clientid // ClientId *string `field:"required" json:"clientId" yaml:"clientId"` // The OIDC issuer identifier of the IdP. // // This must be a full URL, including the HTTPS protocol, the domain, and the path. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-issuer // Issuer *string `field:"required" json:"issuer" yaml:"issuer"` // The token endpoint of the IdP. // // This must be a full URL, including the HTTPS protocol, the domain, and the path. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-tokenendpoint // TokenEndpoint *string `field:"required" json:"tokenEndpoint" yaml:"tokenEndpoint"` // The user info endpoint of the IdP. // // This must be a full URL, including the HTTPS protocol, the domain, and the path. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-userinfoendpoint // UserInfoEndpoint *string `field:"required" json:"userInfoEndpoint" yaml:"userInfoEndpoint"` // The query parameters (up to 10) to include in the redirect request to the authorization endpoint. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-authenticationrequestextraparams // AuthenticationRequestExtraParams interface{} `field:"optional" json:"authenticationRequestExtraParams" yaml:"authenticationRequestExtraParams"` // The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-clientsecret // ClientSecret *string `field:"optional" json:"clientSecret" yaml:"clientSecret"` // The behavior if the user is not authenticated. The following are possible values:. // // - deny “ - Return an HTTP 401 Unauthorized error. // - allow “ - Allow the request to be forwarded to the target. // - authenticate “ - Redirect the request to the IdP authorization endpoint. This is the default value. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-onunauthenticatedrequest // OnUnauthenticatedRequest *string `field:"optional" json:"onUnauthenticatedRequest" yaml:"onUnauthenticatedRequest"` // The set of user claims to be requested from the IdP. The default is `openid` . // // To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-scope // Scope *string `field:"optional" json:"scope" yaml:"scope"` // The name of the cookie used to maintain session information. // // The default is AWSELBAuthSessionCookie. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-sessioncookiename // SessionCookieName *string `field:"optional" json:"sessionCookieName" yaml:"sessionCookieName"` // The maximum duration of the authentication session, in seconds. // // The default is 604800 seconds (7 days). // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-sessiontimeout // SessionTimeout *float64 `field:"optional" json:"sessionTimeout" yaml:"sessionTimeout"` // Indicates whether to use the existing client secret when modifying a rule. // // If you are creating a rule, you can omit this parameter or set it to false. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listenerrule-authenticateoidcconfig-useexistingclientsecret // UseExistingClientSecret interface{} `field:"optional" json:"useExistingClientSecret" yaml:"useExistingClientSecret"` }
Specifies information required using an identity provide (IdP) that is compliant with OpenID Connect (OIDC) to authenticate users.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" authenticateOidcConfigProperty := &AuthenticateOidcConfigProperty{ AuthorizationEndpoint: jsii.String("authorizationEndpoint"), ClientId: jsii.String("clientId"), Issuer: jsii.String("issuer"), TokenEndpoint: jsii.String("tokenEndpoint"), UserInfoEndpoint: jsii.String("userInfoEndpoint"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, ClientSecret: jsii.String("clientSecret"), OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.Number(123), UseExistingClientSecret: jsii.Boolean(false), }
type CfnListenerRule_FixedResponseConfigProperty ¶
type CfnListenerRule_FixedResponseConfigProperty struct { // The HTTP response code (2XX, 4XX, or 5XX). // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-fixedresponseconfig.html#cfn-elasticloadbalancingv2-listenerrule-fixedresponseconfig-statuscode // StatusCode *string `field:"required" json:"statusCode" yaml:"statusCode"` // The content type. // // Valid Values: text/plain | text/css | text/html | application/javascript | application/json. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-fixedresponseconfig.html#cfn-elasticloadbalancingv2-listenerrule-fixedresponseconfig-contenttype // ContentType *string `field:"optional" json:"contentType" yaml:"contentType"` // The message. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-fixedresponseconfig.html#cfn-elasticloadbalancingv2-listenerrule-fixedresponseconfig-messagebody // MessageBody *string `field:"optional" json:"messageBody" yaml:"messageBody"` }
Specifies information required when returning a custom HTTP response.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" fixedResponseConfigProperty := &FixedResponseConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional ContentType: jsii.String("contentType"), MessageBody: jsii.String("messageBody"), }
type CfnListenerRule_ForwardConfigProperty ¶
type CfnListenerRule_ForwardConfigProperty struct { // Information about how traffic will be distributed between multiple target groups in a forward rule. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-forwardconfig.html#cfn-elasticloadbalancingv2-listenerrule-forwardconfig-targetgroups // TargetGroups interface{} `field:"optional" json:"targetGroups" yaml:"targetGroups"` // Information about the target group stickiness for a rule. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-forwardconfig.html#cfn-elasticloadbalancingv2-listenerrule-forwardconfig-targetgroupstickinessconfig // TargetGroupStickinessConfig interface{} `field:"optional" json:"targetGroupStickinessConfig" yaml:"targetGroupStickinessConfig"` }
Information for creating an action that distributes requests among one or more target groups.
For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" forwardConfigProperty := &ForwardConfigProperty{ TargetGroups: []interface{}{ &TargetGroupTupleProperty{ TargetGroupArn: jsii.String("targetGroupArn"), Weight: jsii.Number(123), }, }, TargetGroupStickinessConfig: &TargetGroupStickinessConfigProperty{ DurationSeconds: jsii.Number(123), Enabled: jsii.Boolean(false), }, }
type CfnListenerRule_HostHeaderConfigProperty ¶
type CfnListenerRule_HostHeaderConfigProperty struct { // The host names. // // The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). // // If you specify multiple strings, the condition is satisfied if one of the strings matches the host name. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-hostheaderconfig.html#cfn-elasticloadbalancingv2-listenerrule-hostheaderconfig-values // Values *[]*string `field:"optional" json:"values" yaml:"values"` }
Information about a host header condition.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" hostHeaderConfigProperty := &HostHeaderConfigProperty{ Values: []*string{ jsii.String("values"), }, }
type CfnListenerRule_HttpHeaderConfigProperty ¶
type CfnListenerRule_HttpHeaderConfigProperty struct { // The name of the HTTP header field. // // The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-httpheaderconfig.html#cfn-elasticloadbalancingv2-listenerrule-httpheaderconfig-httpheadername // HttpHeaderName *string `field:"optional" json:"httpHeaderName" yaml:"httpHeaderName"` // The strings to compare against the value of the HTTP header. // // The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). // // If the same header appears multiple times in the request, we search them in order until a match is found. // // If you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-httpheaderconfig.html#cfn-elasticloadbalancingv2-listenerrule-httpheaderconfig-values // Values *[]*string `field:"optional" json:"values" yaml:"values"` }
Information about an HTTP header condition.
There is a set of standard HTTP header fields. You can also define custom HTTP header fields.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" httpHeaderConfigProperty := &HttpHeaderConfigProperty{ HttpHeaderName: jsii.String("httpHeaderName"), Values: []*string{ jsii.String("values"), }, }
type CfnListenerRule_HttpRequestMethodConfigProperty ¶
type CfnListenerRule_HttpRequestMethodConfigProperty struct { // The name of the request method. // // The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match. // // If you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-httprequestmethodconfig.html#cfn-elasticloadbalancingv2-listenerrule-httprequestmethodconfig-values // Values *[]*string `field:"optional" json:"values" yaml:"values"` }
Information about an HTTP method condition.
HTTP defines a set of request methods, also referred to as HTTP verbs. For more information, see the [HTTP Method Registry](https://docs.aws.amazon.com/https://www.iana.org/assignments/http-methods/http-methods.xhtml) . You can also define custom HTTP methods.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" httpRequestMethodConfigProperty := &HttpRequestMethodConfigProperty{ Values: []*string{ jsii.String("values"), }, }
type CfnListenerRule_PathPatternConfigProperty ¶
type CfnListenerRule_PathPatternConfigProperty struct { // The path patterns to compare against the request URL. // // The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). // // If you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-pathpatternconfig.html#cfn-elasticloadbalancingv2-listenerrule-pathpatternconfig-values // Values *[]*string `field:"optional" json:"values" yaml:"values"` }
Information about a path pattern condition.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" pathPatternConfigProperty := &PathPatternConfigProperty{ Values: []*string{ jsii.String("values"), }, }
type CfnListenerRule_QueryStringConfigProperty ¶
type CfnListenerRule_QueryStringConfigProperty struct { // The key/value pairs or values to find in the query string. // // The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in `Values` using a '\' character. // // If you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-querystringconfig.html#cfn-elasticloadbalancingv2-listenerrule-querystringconfig-values // Values interface{} `field:"optional" json:"values" yaml:"values"` }
Information about a query string condition.
The query string component of a URI starts after the first '?' character and is terminated by either a '#' character or the end of the URI. A typical query string contains key/value pairs separated by '&' characters. The allowed characters are specified by RFC 3986. Any character can be percentage encoded.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" queryStringConfigProperty := &QueryStringConfigProperty{ Values: []interface{}{ &QueryStringKeyValueProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, }
type CfnListenerRule_QueryStringKeyValueProperty ¶
type CfnListenerRule_QueryStringKeyValueProperty struct { // The key. // // You can omit the key. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-querystringkeyvalue.html#cfn-elasticloadbalancingv2-listenerrule-querystringkeyvalue-key // Key *string `field:"optional" json:"key" yaml:"key"` // The value. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-querystringkeyvalue.html#cfn-elasticloadbalancingv2-listenerrule-querystringkeyvalue-value // Value *string `field:"optional" json:"value" yaml:"value"` }
Information about a key/value pair.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" queryStringKeyValueProperty := &QueryStringKeyValueProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }
type CfnListenerRule_RedirectConfigProperty ¶
type CfnListenerRule_RedirectConfigProperty struct { // The HTTP redirect code. // // The redirect is either permanent (HTTP 301) or temporary (HTTP 302). // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-redirectconfig.html#cfn-elasticloadbalancingv2-listenerrule-redirectconfig-statuscode // StatusCode *string `field:"required" json:"statusCode" yaml:"statusCode"` // The hostname. // // This component is not percent-encoded. The hostname can contain #{host}. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-redirectconfig.html#cfn-elasticloadbalancingv2-listenerrule-redirectconfig-host // Host *string `field:"optional" json:"host" yaml:"host"` // The absolute path, starting with the leading "/". // // This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-redirectconfig.html#cfn-elasticloadbalancingv2-listenerrule-redirectconfig-path // Path *string `field:"optional" json:"path" yaml:"path"` // The port. // // You can specify a value from 1 to 65535 or #{port}. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-redirectconfig.html#cfn-elasticloadbalancingv2-listenerrule-redirectconfig-port // Port *string `field:"optional" json:"port" yaml:"port"` // The protocol. // // You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You cannot redirect HTTPS to HTTP. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-redirectconfig.html#cfn-elasticloadbalancingv2-listenerrule-redirectconfig-protocol // Protocol *string `field:"optional" json:"protocol" yaml:"protocol"` // The query parameters, URL-encoded when necessary, but not percent-encoded. // // Do not include the leading "?", as it is automatically added. You can specify any of the reserved keywords. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-redirectconfig.html#cfn-elasticloadbalancingv2-listenerrule-redirectconfig-query // Query *string `field:"optional" json:"query" yaml:"query"` }
Information about a redirect action.
A URI consists of the following components: protocol://hostname:port/path?query. You must modify at least one of the following components to avoid a redirect loop: protocol, hostname, port, or path. Any components that you do not modify retain their original values.
You can reuse URI components using the following reserved keywords:
- #{protocol} - #{host} - #{port} - #{path} (the leading "/" is removed) - #{query}
For example, you can change the path to "/new/#{path}", the hostname to "example.#{host}", or the query to "#{query}&value=xyz".
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" redirectConfigProperty := &RedirectConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional Host: jsii.String("host"), Path: jsii.String("path"), Port: jsii.String("port"), Protocol: jsii.String("protocol"), Query: jsii.String("query"), }
type CfnListenerRule_RuleConditionProperty ¶
type CfnListenerRule_RuleConditionProperty struct { // The field in the HTTP request. The following are the possible values:. // // - `http-header` // - `http-request-method` // - `host-header` // - `path-pattern` // - `query-string` // - `source-ip`. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-field // Field *string `field:"optional" json:"field" yaml:"field"` // Information for a host header condition. // // Specify only when `Field` is `host-header` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-hostheaderconfig // HostHeaderConfig interface{} `field:"optional" json:"hostHeaderConfig" yaml:"hostHeaderConfig"` // Information for an HTTP header condition. // // Specify only when `Field` is `http-header` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-httpheaderconfig // HttpHeaderConfig interface{} `field:"optional" json:"httpHeaderConfig" yaml:"httpHeaderConfig"` // Information for an HTTP method condition. // // Specify only when `Field` is `http-request-method` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-httprequestmethodconfig // HttpRequestMethodConfig interface{} `field:"optional" json:"httpRequestMethodConfig" yaml:"httpRequestMethodConfig"` // Information for a path pattern condition. // // Specify only when `Field` is `path-pattern` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-pathpatternconfig // PathPatternConfig interface{} `field:"optional" json:"pathPatternConfig" yaml:"pathPatternConfig"` // Information for a query string condition. // // Specify only when `Field` is `query-string` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-querystringconfig // QueryStringConfig interface{} `field:"optional" json:"queryStringConfig" yaml:"queryStringConfig"` // Information for a source IP condition. // // Specify only when `Field` is `source-ip` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-sourceipconfig // SourceIpConfig interface{} `field:"optional" json:"sourceIpConfig" yaml:"sourceIpConfig"` // The condition value. // // Specify only when `Field` is `host-header` or `path-pattern` . Alternatively, to specify multiple host names or multiple path patterns, use `HostHeaderConfig` or `PathPatternConfig` . // // If `Field` is `host-header` and you're not using `HostHeaderConfig` , you can specify a single host name (for example, my.example.com). A host name is case insensitive, can be up to 128 characters in length, and can contain any of the following characters. // // - A-Z, a-z, 0-9 // - - . // - * (matches 0 or more characters) // - ? (matches exactly 1 character) // // If `Field` is `path-pattern` and you're not using `PathPatternConfig` , you can specify a single path pattern (for example, /img/*). A path pattern is case-sensitive, can be up to 128 characters in length, and can contain any of the following characters. // // - A-Z, a-z, 0-9 // - _ - . $ / ~ " ' @ : + // - & (using &) // - * (matches 0 or more characters) // - ? (matches exactly 1 character) // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-rulecondition.html#cfn-elasticloadbalancingv2-listenerrule-rulecondition-values // Values *[]*string `field:"optional" json:"values" yaml:"values"` }
Specifies a condition for a listener rule.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" ruleConditionProperty := &RuleConditionProperty{ Field: jsii.String("field"), HostHeaderConfig: &HostHeaderConfigProperty{ Values: []*string{ jsii.String("values"), }, }, HttpHeaderConfig: &HttpHeaderConfigProperty{ HttpHeaderName: jsii.String("httpHeaderName"), Values: []*string{ jsii.String("values"), }, }, HttpRequestMethodConfig: &HttpRequestMethodConfigProperty{ Values: []*string{ jsii.String("values"), }, }, PathPatternConfig: &PathPatternConfigProperty{ Values: []*string{ jsii.String("values"), }, }, QueryStringConfig: &QueryStringConfigProperty{ Values: []interface{}{ &QueryStringKeyValueProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, }, SourceIpConfig: &SourceIpConfigProperty{ Values: []*string{ jsii.String("values"), }, }, Values: []*string{ jsii.String("values"), }, }
type CfnListenerRule_SourceIpConfigProperty ¶
type CfnListenerRule_SourceIpConfigProperty struct { // The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. // // If you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-sourceipconfig.html#cfn-elasticloadbalancingv2-listenerrule-sourceipconfig-values // Values *[]*string `field:"optional" json:"values" yaml:"values"` }
Information about a source IP condition.
You can use this condition to route based on the IP address of the source that connects to the load balancer. If a client is behind a proxy, this is the IP address of the proxy not the IP address of the client.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" sourceIpConfigProperty := &SourceIpConfigProperty{ Values: []*string{ jsii.String("values"), }, }
type CfnListenerRule_TargetGroupStickinessConfigProperty ¶
type CfnListenerRule_TargetGroupStickinessConfigProperty struct { // The time period, in seconds, during which requests from a client should be routed to the same target group. // // The range is 1-604800 seconds (7 days). // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-targetgroupstickinessconfig.html#cfn-elasticloadbalancingv2-listenerrule-targetgroupstickinessconfig-durationseconds // DurationSeconds *float64 `field:"optional" json:"durationSeconds" yaml:"durationSeconds"` // Indicates whether target group stickiness is enabled. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-targetgroupstickinessconfig.html#cfn-elasticloadbalancingv2-listenerrule-targetgroupstickinessconfig-enabled // Enabled interface{} `field:"optional" json:"enabled" yaml:"enabled"` }
Information about the target group stickiness for a rule.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" targetGroupStickinessConfigProperty := &TargetGroupStickinessConfigProperty{ DurationSeconds: jsii.Number(123), Enabled: jsii.Boolean(false), }
type CfnListenerRule_TargetGroupTupleProperty ¶
type CfnListenerRule_TargetGroupTupleProperty struct { // The Amazon Resource Name (ARN) of the target group. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-targetgrouptuple.html#cfn-elasticloadbalancingv2-listenerrule-targetgrouptuple-targetgrouparn // TargetGroupArn *string `field:"optional" json:"targetGroupArn" yaml:"targetGroupArn"` // The weight. // // The range is 0 to 999. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-targetgrouptuple.html#cfn-elasticloadbalancingv2-listenerrule-targetgrouptuple-weight // Weight *float64 `field:"optional" json:"weight" yaml:"weight"` }
Information about how traffic will be distributed between multiple target groups in a forward rule.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" targetGroupTupleProperty := &TargetGroupTupleProperty{ TargetGroupArn: jsii.String("targetGroupArn"), Weight: jsii.Number(123), }
type CfnListener_ActionProperty ¶
type CfnListener_ActionProperty struct { // The type of action. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-action.html#cfn-elasticloadbalancingv2-listener-action-type // Type *string `field:"required" json:"type" yaml:"type"` // [HTTPS listeners] Information for using Amazon Cognito to authenticate users. // // Specify only when `Type` is `authenticate-cognito` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-action.html#cfn-elasticloadbalancingv2-listener-action-authenticatecognitoconfig // AuthenticateCognitoConfig interface{} `field:"optional" json:"authenticateCognitoConfig" yaml:"authenticateCognitoConfig"` // [HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). // // Specify only when `Type` is `authenticate-oidc` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-action.html#cfn-elasticloadbalancingv2-listener-action-authenticateoidcconfig // AuthenticateOidcConfig interface{} `field:"optional" json:"authenticateOidcConfig" yaml:"authenticateOidcConfig"` // [Application Load Balancer] Information for creating an action that returns a custom HTTP response. // // Specify only when `Type` is `fixed-response` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-action.html#cfn-elasticloadbalancingv2-listener-action-fixedresponseconfig // FixedResponseConfig interface{} `field:"optional" json:"fixedResponseConfig" yaml:"fixedResponseConfig"` // Information for creating an action that distributes requests among one or more target groups. // // For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-action.html#cfn-elasticloadbalancingv2-listener-action-forwardconfig // ForwardConfig interface{} `field:"optional" json:"forwardConfig" yaml:"forwardConfig"` // The order for the action. // // This value is required for rules with multiple actions. The action with the lowest value for order is performed first. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-action.html#cfn-elasticloadbalancingv2-listener-action-order // Order *float64 `field:"optional" json:"order" yaml:"order"` // [Application Load Balancer] Information for creating a redirect action. // // Specify only when `Type` is `redirect` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-action.html#cfn-elasticloadbalancingv2-listener-action-redirectconfig // RedirectConfig interface{} `field:"optional" json:"redirectConfig" yaml:"redirectConfig"` // The Amazon Resource Name (ARN) of the target group. // // Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-action.html#cfn-elasticloadbalancingv2-listener-action-targetgrouparn // TargetGroupArn *string `field:"optional" json:"targetGroupArn" yaml:"targetGroupArn"` }
Specifies an action for a listener rule.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" actionProperty := &ActionProperty{ Type: jsii.String("type"), // the properties below are optional AuthenticateCognitoConfig: &AuthenticateCognitoConfigProperty{ UserPoolArn: jsii.String("userPoolArn"), UserPoolClientId: jsii.String("userPoolClientId"), UserPoolDomain: jsii.String("userPoolDomain"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.String("sessionTimeout"), }, AuthenticateOidcConfig: &AuthenticateOidcConfigProperty{ AuthorizationEndpoint: jsii.String("authorizationEndpoint"), ClientId: jsii.String("clientId"), Issuer: jsii.String("issuer"), TokenEndpoint: jsii.String("tokenEndpoint"), UserInfoEndpoint: jsii.String("userInfoEndpoint"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, ClientSecret: jsii.String("clientSecret"), OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.String("sessionTimeout"), UseExistingClientSecret: jsii.Boolean(false), }, FixedResponseConfig: &FixedResponseConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional ContentType: jsii.String("contentType"), MessageBody: jsii.String("messageBody"), }, ForwardConfig: &ForwardConfigProperty{ TargetGroups: []interface{}{ &TargetGroupTupleProperty{ TargetGroupArn: jsii.String("targetGroupArn"), Weight: jsii.Number(123), }, }, TargetGroupStickinessConfig: &TargetGroupStickinessConfigProperty{ DurationSeconds: jsii.Number(123), Enabled: jsii.Boolean(false), }, }, Order: jsii.Number(123), RedirectConfig: &RedirectConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional Host: jsii.String("host"), Path: jsii.String("path"), Port: jsii.String("port"), Protocol: jsii.String("protocol"), Query: jsii.String("query"), }, TargetGroupArn: jsii.String("targetGroupArn"), }
type CfnListener_AuthenticateCognitoConfigProperty ¶
type CfnListener_AuthenticateCognitoConfigProperty struct { // The Amazon Resource Name (ARN) of the Amazon Cognito user pool. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listener-authenticatecognitoconfig-userpoolarn // UserPoolArn *string `field:"required" json:"userPoolArn" yaml:"userPoolArn"` // The ID of the Amazon Cognito user pool client. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listener-authenticatecognitoconfig-userpoolclientid // UserPoolClientId *string `field:"required" json:"userPoolClientId" yaml:"userPoolClientId"` // The domain prefix or fully-qualified domain name of the Amazon Cognito user pool. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listener-authenticatecognitoconfig-userpooldomain // UserPoolDomain *string `field:"required" json:"userPoolDomain" yaml:"userPoolDomain"` // The query parameters (up to 10) to include in the redirect request to the authorization endpoint. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listener-authenticatecognitoconfig-authenticationrequestextraparams // AuthenticationRequestExtraParams interface{} `field:"optional" json:"authenticationRequestExtraParams" yaml:"authenticationRequestExtraParams"` // The behavior if the user is not authenticated. The following are possible values:. // // - deny “ - Return an HTTP 401 Unauthorized error. // - allow “ - Allow the request to be forwarded to the target. // - authenticate “ - Redirect the request to the IdP authorization endpoint. This is the default value. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listener-authenticatecognitoconfig-onunauthenticatedrequest // OnUnauthenticatedRequest *string `field:"optional" json:"onUnauthenticatedRequest" yaml:"onUnauthenticatedRequest"` // The set of user claims to be requested from the IdP. The default is `openid` . // // To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listener-authenticatecognitoconfig-scope // Scope *string `field:"optional" json:"scope" yaml:"scope"` // The name of the cookie used to maintain session information. // // The default is AWSELBAuthSessionCookie. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listener-authenticatecognitoconfig-sessioncookiename // SessionCookieName *string `field:"optional" json:"sessionCookieName" yaml:"sessionCookieName"` // The maximum duration of the authentication session, in seconds. // // The default is 604800 seconds (7 days). // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticatecognitoconfig.html#cfn-elasticloadbalancingv2-listener-authenticatecognitoconfig-sessiontimeout // SessionTimeout *string `field:"optional" json:"sessionTimeout" yaml:"sessionTimeout"` }
Specifies information required when integrating with Amazon Cognito to authenticate users.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" authenticateCognitoConfigProperty := &AuthenticateCognitoConfigProperty{ UserPoolArn: jsii.String("userPoolArn"), UserPoolClientId: jsii.String("userPoolClientId"), UserPoolDomain: jsii.String("userPoolDomain"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.String("sessionTimeout"), }
type CfnListener_AuthenticateOidcConfigProperty ¶
type CfnListener_AuthenticateOidcConfigProperty struct { // The authorization endpoint of the IdP. // // This must be a full URL, including the HTTPS protocol, the domain, and the path. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listener-authenticateoidcconfig-authorizationendpoint // AuthorizationEndpoint *string `field:"required" json:"authorizationEndpoint" yaml:"authorizationEndpoint"` // The OAuth 2.0 client identifier. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listener-authenticateoidcconfig-clientid // ClientId *string `field:"required" json:"clientId" yaml:"clientId"` // The OIDC issuer identifier of the IdP. // // This must be a full URL, including the HTTPS protocol, the domain, and the path. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listener-authenticateoidcconfig-issuer // Issuer *string `field:"required" json:"issuer" yaml:"issuer"` // The token endpoint of the IdP. // // This must be a full URL, including the HTTPS protocol, the domain, and the path. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listener-authenticateoidcconfig-tokenendpoint // TokenEndpoint *string `field:"required" json:"tokenEndpoint" yaml:"tokenEndpoint"` // The user info endpoint of the IdP. // // This must be a full URL, including the HTTPS protocol, the domain, and the path. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listener-authenticateoidcconfig-userinfoendpoint // UserInfoEndpoint *string `field:"required" json:"userInfoEndpoint" yaml:"userInfoEndpoint"` // The query parameters (up to 10) to include in the redirect request to the authorization endpoint. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listener-authenticateoidcconfig-authenticationrequestextraparams // AuthenticationRequestExtraParams interface{} `field:"optional" json:"authenticationRequestExtraParams" yaml:"authenticationRequestExtraParams"` // The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listener-authenticateoidcconfig-clientsecret // ClientSecret *string `field:"optional" json:"clientSecret" yaml:"clientSecret"` // The behavior if the user is not authenticated. The following are possible values:. // // - deny “ - Return an HTTP 401 Unauthorized error. // - allow “ - Allow the request to be forwarded to the target. // - authenticate “ - Redirect the request to the IdP authorization endpoint. This is the default value. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listener-authenticateoidcconfig-onunauthenticatedrequest // OnUnauthenticatedRequest *string `field:"optional" json:"onUnauthenticatedRequest" yaml:"onUnauthenticatedRequest"` // The set of user claims to be requested from the IdP. The default is `openid` . // // To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listener-authenticateoidcconfig-scope // Scope *string `field:"optional" json:"scope" yaml:"scope"` // The name of the cookie used to maintain session information. // // The default is AWSELBAuthSessionCookie. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listener-authenticateoidcconfig-sessioncookiename // SessionCookieName *string `field:"optional" json:"sessionCookieName" yaml:"sessionCookieName"` // The maximum duration of the authentication session, in seconds. // // The default is 604800 seconds (7 days). // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listener-authenticateoidcconfig-sessiontimeout // SessionTimeout *string `field:"optional" json:"sessionTimeout" yaml:"sessionTimeout"` // Indicates whether to use the existing client secret when modifying a rule. // // If you are creating a rule, you can omit this parameter or set it to false. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-authenticateoidcconfig.html#cfn-elasticloadbalancingv2-listener-authenticateoidcconfig-useexistingclientsecret // UseExistingClientSecret interface{} `field:"optional" json:"useExistingClientSecret" yaml:"useExistingClientSecret"` }
Specifies information required using an identity provide (IdP) that is compliant with OpenID Connect (OIDC) to authenticate users.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" authenticateOidcConfigProperty := &AuthenticateOidcConfigProperty{ AuthorizationEndpoint: jsii.String("authorizationEndpoint"), ClientId: jsii.String("clientId"), Issuer: jsii.String("issuer"), TokenEndpoint: jsii.String("tokenEndpoint"), UserInfoEndpoint: jsii.String("userInfoEndpoint"), // the properties below are optional AuthenticationRequestExtraParams: map[string]*string{ "authenticationRequestExtraParamsKey": jsii.String("authenticationRequestExtraParams"), }, ClientSecret: jsii.String("clientSecret"), OnUnauthenticatedRequest: jsii.String("onUnauthenticatedRequest"), Scope: jsii.String("scope"), SessionCookieName: jsii.String("sessionCookieName"), SessionTimeout: jsii.String("sessionTimeout"), UseExistingClientSecret: jsii.Boolean(false), }
type CfnListener_CertificateProperty ¶
type CfnListener_CertificateProperty struct { // The Amazon Resource Name (ARN) of the certificate. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-certificate.html#cfn-elasticloadbalancingv2-listener-certificate-certificatearn // CertificateArn *string `field:"optional" json:"certificateArn" yaml:"certificateArn"` }
Specifies an SSL server certificate to use as the default certificate for a secure listener.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" certificateProperty := &CertificateProperty{ CertificateArn: jsii.String("certificateArn"), }
type CfnListener_FixedResponseConfigProperty ¶
type CfnListener_FixedResponseConfigProperty struct { // The HTTP response code (2XX, 4XX, or 5XX). // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-fixedresponseconfig.html#cfn-elasticloadbalancingv2-listener-fixedresponseconfig-statuscode // StatusCode *string `field:"required" json:"statusCode" yaml:"statusCode"` // The content type. // // Valid Values: text/plain | text/css | text/html | application/javascript | application/json. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-fixedresponseconfig.html#cfn-elasticloadbalancingv2-listener-fixedresponseconfig-contenttype // ContentType *string `field:"optional" json:"contentType" yaml:"contentType"` // The message. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-fixedresponseconfig.html#cfn-elasticloadbalancingv2-listener-fixedresponseconfig-messagebody // MessageBody *string `field:"optional" json:"messageBody" yaml:"messageBody"` }
Specifies information required when returning a custom HTTP response.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" fixedResponseConfigProperty := &FixedResponseConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional ContentType: jsii.String("contentType"), MessageBody: jsii.String("messageBody"), }
type CfnListener_ForwardConfigProperty ¶
type CfnListener_ForwardConfigProperty struct { // Information about how traffic will be distributed between multiple target groups in a forward rule. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-forwardconfig.html#cfn-elasticloadbalancingv2-listener-forwardconfig-targetgroups // TargetGroups interface{} `field:"optional" json:"targetGroups" yaml:"targetGroups"` // Information about the target group stickiness for a rule. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-forwardconfig.html#cfn-elasticloadbalancingv2-listener-forwardconfig-targetgroupstickinessconfig // TargetGroupStickinessConfig interface{} `field:"optional" json:"targetGroupStickinessConfig" yaml:"targetGroupStickinessConfig"` }
Information for creating an action that distributes requests among one or more target groups.
For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" forwardConfigProperty := &ForwardConfigProperty{ TargetGroups: []interface{}{ &TargetGroupTupleProperty{ TargetGroupArn: jsii.String("targetGroupArn"), Weight: jsii.Number(123), }, }, TargetGroupStickinessConfig: &TargetGroupStickinessConfigProperty{ DurationSeconds: jsii.Number(123), Enabled: jsii.Boolean(false), }, }
type CfnListener_MutualAuthenticationProperty ¶ added in v2.112.0
type CfnListener_MutualAuthenticationProperty struct { // Indicates whether expired client certificates are ignored. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-mutualauthentication.html#cfn-elasticloadbalancingv2-listener-mutualauthentication-ignoreclientcertificateexpiry // IgnoreClientCertificateExpiry interface{} `field:"optional" json:"ignoreClientCertificateExpiry" yaml:"ignoreClientCertificateExpiry"` // The client certificate handling method. // // Options are `off` , `passthrough` or `verify` . The default value is `off` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-mutualauthentication.html#cfn-elasticloadbalancingv2-listener-mutualauthentication-mode // Mode *string `field:"optional" json:"mode" yaml:"mode"` // The Amazon Resource Name (ARN) of the trust store. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-mutualauthentication.html#cfn-elasticloadbalancingv2-listener-mutualauthentication-truststorearn // TrustStoreArn *string `field:"optional" json:"trustStoreArn" yaml:"trustStoreArn"` }
Specifies the configuration information for mutual authentication.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" mutualAuthenticationProperty := &MutualAuthenticationProperty{ IgnoreClientCertificateExpiry: jsii.Boolean(false), Mode: jsii.String("mode"), TrustStoreArn: jsii.String("trustStoreArn"), }
type CfnListener_RedirectConfigProperty ¶
type CfnListener_RedirectConfigProperty struct { // The HTTP redirect code. // // The redirect is either permanent (HTTP 301) or temporary (HTTP 302). // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-redirectconfig.html#cfn-elasticloadbalancingv2-listener-redirectconfig-statuscode // StatusCode *string `field:"required" json:"statusCode" yaml:"statusCode"` // The hostname. // // This component is not percent-encoded. The hostname can contain #{host}. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-redirectconfig.html#cfn-elasticloadbalancingv2-listener-redirectconfig-host // Host *string `field:"optional" json:"host" yaml:"host"` // The absolute path, starting with the leading "/". // // This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-redirectconfig.html#cfn-elasticloadbalancingv2-listener-redirectconfig-path // Path *string `field:"optional" json:"path" yaml:"path"` // The port. // // You can specify a value from 1 to 65535 or #{port}. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-redirectconfig.html#cfn-elasticloadbalancingv2-listener-redirectconfig-port // Port *string `field:"optional" json:"port" yaml:"port"` // The protocol. // // You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You cannot redirect HTTPS to HTTP. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-redirectconfig.html#cfn-elasticloadbalancingv2-listener-redirectconfig-protocol // Protocol *string `field:"optional" json:"protocol" yaml:"protocol"` // The query parameters, URL-encoded when necessary, but not percent-encoded. // // Do not include the leading "?", as it is automatically added. You can specify any of the reserved keywords. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-redirectconfig.html#cfn-elasticloadbalancingv2-listener-redirectconfig-query // Query *string `field:"optional" json:"query" yaml:"query"` }
Information about a redirect action.
A URI consists of the following components: protocol://hostname:port/path?query. You must modify at least one of the following components to avoid a redirect loop: protocol, hostname, port, or path. Any components that you do not modify retain their original values.
You can reuse URI components using the following reserved keywords:
- #{protocol} - #{host} - #{port} - #{path} (the leading "/" is removed) - #{query}
For example, you can change the path to "/new/#{path}", the hostname to "example.#{host}", or the query to "#{query}&value=xyz".
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" redirectConfigProperty := &RedirectConfigProperty{ StatusCode: jsii.String("statusCode"), // the properties below are optional Host: jsii.String("host"), Path: jsii.String("path"), Port: jsii.String("port"), Protocol: jsii.String("protocol"), Query: jsii.String("query"), }
type CfnListener_TargetGroupStickinessConfigProperty ¶
type CfnListener_TargetGroupStickinessConfigProperty struct { // The time period, in seconds, during which requests from a client should be routed to the same target group. // // The range is 1-604800 seconds (7 days). // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-targetgroupstickinessconfig.html#cfn-elasticloadbalancingv2-listener-targetgroupstickinessconfig-durationseconds // DurationSeconds *float64 `field:"optional" json:"durationSeconds" yaml:"durationSeconds"` // Indicates whether target group stickiness is enabled. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-targetgroupstickinessconfig.html#cfn-elasticloadbalancingv2-listener-targetgroupstickinessconfig-enabled // Enabled interface{} `field:"optional" json:"enabled" yaml:"enabled"` }
Information about the target group stickiness for a rule.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" targetGroupStickinessConfigProperty := &TargetGroupStickinessConfigProperty{ DurationSeconds: jsii.Number(123), Enabled: jsii.Boolean(false), }
type CfnListener_TargetGroupTupleProperty ¶
type CfnListener_TargetGroupTupleProperty struct { // The Amazon Resource Name (ARN) of the target group. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-targetgrouptuple.html#cfn-elasticloadbalancingv2-listener-targetgrouptuple-targetgrouparn // TargetGroupArn *string `field:"optional" json:"targetGroupArn" yaml:"targetGroupArn"` // The weight. // // The range is 0 to 999. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-targetgrouptuple.html#cfn-elasticloadbalancingv2-listener-targetgrouptuple-weight // Weight *float64 `field:"optional" json:"weight" yaml:"weight"` }
Information about how traffic will be distributed between multiple target groups in a forward rule.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" targetGroupTupleProperty := &TargetGroupTupleProperty{ TargetGroupArn: jsii.String("targetGroupArn"), Weight: jsii.Number(123), }
type CfnLoadBalancer ¶
type CfnLoadBalancer interface { awscdk.CfnResource awscdk.IInspectable awscdk.ITaggable // The ID of the Amazon Route 53 hosted zone associated with the load balancer. // // For example, `Z2P70J7EXAMPLE` . AttrCanonicalHostedZoneId() *string // The DNS name for the load balancer. // // For example, `my-load-balancer-424835706.us-west-2.elb.amazonaws.com` . AttrDnsName() *string // The Amazon Resource Name (ARN) of the load balancer. AttrLoadBalancerArn() *string // The full name of the load balancer. // // For example, `app/my-load-balancer/50dc6c495c0c9188` . AttrLoadBalancerFullName() *string // The name of the load balancer. // // For example, `my-load-balancer` . AttrLoadBalancerName() *string // The IDs of the security groups for the load balancer. AttrSecurityGroups() *[]*string // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink . EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic() *string SetEnforceSecurityGroupInboundRulesOnPrivateLinkTraffic(val *string) // Note: Internal load balancers must use the `ipv4` IP address type. IpAddressType() *string SetIpAddressType(val *string) // The load balancer attributes. LoadBalancerAttributes() interface{} SetLoadBalancerAttributes(val interface{}) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string // The name of the load balancer. Name() *string SetName(val *string) // The tree node. Node() constructs.Node // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // The nodes of an Internet-facing load balancer have public IP addresses. Scheme() *string SetScheme(val *string) // [Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer. SecurityGroups() *[]*string SetSecurityGroups(val *[]*string) // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // The IDs of the subnets. SubnetMappings() interface{} SetSubnetMappings(val interface{}) // The IDs of the subnets. Subnets() *[]*string SetSubnets(val *[]*string) // Tag Manager which manages the tags for this resource. Tags() awscdk.TagManager // The tags to assign to the load balancer. TagsRaw() *[]*awscdk.CfnTag SetTagsRaw(val *[]*awscdk.CfnTag) // The type of load balancer. Type() *string SetType(val *string) // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) }
Specifies an Application Load Balancer, a Network Load Balancer, or a Gateway Load Balancer.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnLoadBalancer := awscdk.Aws_elasticloadbalancingv2.NewCfnLoadBalancer(this, jsii.String("MyCfnLoadBalancer"), &CfnLoadBalancerProps{ EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic: jsii.String("enforceSecurityGroupInboundRulesOnPrivateLinkTraffic"), IpAddressType: jsii.String("ipAddressType"), LoadBalancerAttributes: []interface{}{ &LoadBalancerAttributeProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, Name: jsii.String("name"), Scheme: jsii.String("scheme"), SecurityGroups: []*string{ jsii.String("securityGroups"), }, SubnetMappings: []interface{}{ &SubnetMappingProperty{ SubnetId: jsii.String("subnetId"), // the properties below are optional AllocationId: jsii.String("allocationId"), IPv6Address: jsii.String("iPv6Address"), PrivateIPv4Address: jsii.String("privateIPv4Address"), }, }, Subnets: []*string{ jsii.String("subnets"), }, Tags: []cfnTag{ &cfnTag{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, Type: jsii.String("type"), })
func NewCfnLoadBalancer ¶
func NewCfnLoadBalancer(scope constructs.Construct, id *string, props *CfnLoadBalancerProps) CfnLoadBalancer
type CfnLoadBalancerProps ¶
type CfnLoadBalancerProps struct { // Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#cfn-elasticloadbalancingv2-loadbalancer-enforcesecuritygroupinboundrulesonprivatelinktraffic // EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic *string `` /* 136-byte string literal not displayed */ // Note: Internal load balancers must use the `ipv4` IP address type. // // [Application Load Balancers] The IP address type. The possible values are `ipv4` (for only IPv4 addresses), `dualstack` (for IPv4 and IPv6 addresses), and `dualstack-without-public-ipv4` (for IPv6 only public addresses, with private IPv4 and IPv6 addresses). // // Note: Application Load Balancer authentication only supports IPv4 addresses when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer cannot complete the authentication process, resulting in HTTP 500 errors. // // [Network Load Balancers] The IP address type. The possible values are `ipv4` (for only IPv4 addresses) and `dualstack` (for IPv4 and IPv6 addresses). You can’t specify `dualstack` for a load balancer with a UDP or TCP_UDP listener. // // [Gateway Load Balancers] The IP address type. The possible values are `ipv4` (for only IPv4 addresses) and `dualstack` (for IPv4 and IPv6 addresses). // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#cfn-elasticloadbalancingv2-loadbalancer-ipaddresstype // IpAddressType *string `field:"optional" json:"ipAddressType" yaml:"ipAddressType"` // The load balancer attributes. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#cfn-elasticloadbalancingv2-loadbalancer-loadbalancerattributes // LoadBalancerAttributes interface{} `field:"optional" json:"loadBalancerAttributes" yaml:"loadBalancerAttributes"` // The name of the load balancer. // // This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with "internal-". // // If you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#cfn-elasticloadbalancingv2-loadbalancer-name // Name *string `field:"optional" json:"name" yaml:"name"` // The nodes of an Internet-facing load balancer have public IP addresses. // // The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet. // // The nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer. // // The default is an Internet-facing load balancer. // // You cannot specify a scheme for a Gateway Load Balancer. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#cfn-elasticloadbalancingv2-loadbalancer-scheme // Scheme *string `field:"optional" json:"scheme" yaml:"scheme"` // [Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#cfn-elasticloadbalancingv2-loadbalancer-securitygroups // SecurityGroups *[]*string `field:"optional" json:"securityGroups" yaml:"securityGroups"` // The IDs of the subnets. // // You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. // // [Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets. // // [Application Load Balancers on Outposts] You must specify one Outpost subnet. // // [Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones. // // [Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet. // // [Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You cannot specify Elastic IP addresses for your subnets. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#cfn-elasticloadbalancingv2-loadbalancer-subnetmappings // SubnetMappings interface{} `field:"optional" json:"subnetMappings" yaml:"subnetMappings"` // The IDs of the subnets. // // You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets. // // [Application Load Balancers] You must specify subnets from at least two Availability Zones. // // [Application Load Balancers on Outposts] You must specify one Outpost subnet. // // [Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones. // // [Network Load Balancers] You can specify subnets from one or more Availability Zones. // // [Gateway Load Balancers] You can specify subnets from one or more Availability Zones. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#cfn-elasticloadbalancingv2-loadbalancer-subnets // Subnets *[]*string `field:"optional" json:"subnets" yaml:"subnets"` // The tags to assign to the load balancer. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#cfn-elasticloadbalancingv2-loadbalancer-tags // Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"` // The type of load balancer. // // The default is `application` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#cfn-elasticloadbalancingv2-loadbalancer-type // Type *string `field:"optional" json:"type" yaml:"type"` }
Properties for defining a `CfnLoadBalancer`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnLoadBalancerProps := &CfnLoadBalancerProps{ EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic: jsii.String("enforceSecurityGroupInboundRulesOnPrivateLinkTraffic"), IpAddressType: jsii.String("ipAddressType"), LoadBalancerAttributes: []interface{}{ &LoadBalancerAttributeProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, Name: jsii.String("name"), Scheme: jsii.String("scheme"), SecurityGroups: []*string{ jsii.String("securityGroups"), }, SubnetMappings: []interface{}{ &SubnetMappingProperty{ SubnetId: jsii.String("subnetId"), // the properties below are optional AllocationId: jsii.String("allocationId"), IPv6Address: jsii.String("iPv6Address"), PrivateIPv4Address: jsii.String("privateIPv4Address"), }, }, Subnets: []*string{ jsii.String("subnets"), }, Tags: []cfnTag{ &cfnTag{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, Type: jsii.String("type"), }
type CfnLoadBalancer_LoadBalancerAttributeProperty ¶
type CfnLoadBalancer_LoadBalancerAttributeProperty struct { // The name of the attribute. // // The following attributes are supported by all load balancers: // // - `deletion_protection.enabled` - Indicates whether deletion protection is enabled. The value is `true` or `false` . The default is `false` . // - `load_balancing.cross_zone.enabled` - Indicates whether cross-zone load balancing is enabled. The possible values are `true` and `false` . The default for Network Load Balancers and Gateway Load Balancers is `false` . The default for Application Load Balancers is `true` , and cannot be changed. // // The following attributes are supported by both Application Load Balancers and Network Load Balancers: // // - `access_logs.s3.enabled` - Indicates whether access logs are enabled. The value is `true` or `false` . The default is `false` . // - `access_logs.s3.bucket` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket. // - `access_logs.s3.prefix` - The prefix for the location in the S3 bucket for the access logs. // - `ipv6.deny_all_igw_traffic` - Blocks internet gateway (IGW) access to the load balancer. It is set to `false` for internet-facing load balancers and `true` for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway. // // The following attributes are supported by only Application Load Balancers: // // - `idle_timeout.timeout_seconds` - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds. // - `client_keep_alive.seconds` - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds. // - `connection_logs.s3.enabled` - Indicates whether connection logs are enabled. The value is `true` or `false` . The default is `false` . // - `connection_logs.s3.bucket` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket. // - `connection_logs.s3.prefix` - The prefix for the location in the S3 bucket for the connection logs. // - `routing.http.desync_mitigation_mode` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are `monitor` , `defensive` , and `strictest` . The default is `defensive` . // - `routing.http.drop_invalid_header_fields.enabled` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( `true` ) or routed to targets ( `false` ). The default is `false` . // - `routing.http.preserve_host_header.enabled` - Indicates whether the Application Load Balancer should preserve the `Host` header in the HTTP request and send it to the target without any change. The possible values are `true` and `false` . The default is `false` . // - `routing.http.x_amzn_tls_version_and_cipher_suite.enabled` - Indicates whether the two headers ( `x-amzn-tls-version` and `x-amzn-tls-cipher-suite` ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The `x-amzn-tls-version` header has information about the TLS protocol version negotiated with the client, and the `x-amzn-tls-cipher-suite` header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are `true` and `false` . The default is `false` . // - `routing.http.xff_client_port.enabled` - Indicates whether the `X-Forwarded-For` header should preserve the source port that the client used to connect to the load balancer. The possible values are `true` and `false` . The default is `false` . // - `routing.http.xff_header_processing.mode` - Enables you to modify, preserve, or remove the `X-Forwarded-For` header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are `append` , `preserve` , and `remove` . The default is `append` . // // - If the value is `append` , the Application Load Balancer adds the client IP address (of the last hop) to the `X-Forwarded-For` header in the HTTP request before it sends it to targets. // - If the value is `preserve` the Application Load Balancer preserves the `X-Forwarded-For` header in the HTTP request, and sends it to targets without any change. // - If the value is `remove` , the Application Load Balancer removes the `X-Forwarded-For` header in the HTTP request before it sends it to targets. // - `routing.http2.enabled` - Indicates whether HTTP/2 is enabled. The possible values are `true` and `false` . The default is `true` . Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. // - `waf.fail_open.enabled` - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are `true` and `false` . The default is `false` . // // The following attributes are supported by only Network Load Balancers: // // - `dns_record.client_routing_policy` - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are `availability_zone_affinity` with 100 percent zonal affinity, `partial_availability_zone_affinity` with 85 percent zonal affinity, and `any_availability_zone` with 0 percent zonal affinity. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattribute.html#cfn-elasticloadbalancingv2-loadbalancer-loadbalancerattribute-key // Key *string `field:"optional" json:"key" yaml:"key"` // The value of the attribute. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattribute.html#cfn-elasticloadbalancingv2-loadbalancer-loadbalancerattribute-value // Value *string `field:"optional" json:"value" yaml:"value"` }
Specifies an attribute for an Application Load Balancer, a Network Load Balancer, or a Gateway Load Balancer.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" loadBalancerAttributeProperty := &LoadBalancerAttributeProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }
type CfnLoadBalancer_SubnetMappingProperty ¶
type CfnLoadBalancer_SubnetMappingProperty struct { // The ID of the subnet. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-subnetmapping.html#cfn-elasticloadbalancingv2-loadbalancer-subnetmapping-subnetid // SubnetId *string `field:"required" json:"subnetId" yaml:"subnetId"` // [Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-subnetmapping.html#cfn-elasticloadbalancingv2-loadbalancer-subnetmapping-allocationid // AllocationId *string `field:"optional" json:"allocationId" yaml:"allocationId"` // [Network Load Balancers] The IPv6 address. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-subnetmapping.html#cfn-elasticloadbalancingv2-loadbalancer-subnetmapping-ipv6address // IPv6Address *string `field:"optional" json:"iPv6Address" yaml:"iPv6Address"` // [Network Load Balancers] The private IPv4 address for an internal load balancer. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-subnetmapping.html#cfn-elasticloadbalancingv2-loadbalancer-subnetmapping-privateipv4address // PrivateIPv4Address *string `field:"optional" json:"privateIPv4Address" yaml:"privateIPv4Address"` }
Specifies a subnet for a load balancer.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" subnetMappingProperty := &SubnetMappingProperty{ SubnetId: jsii.String("subnetId"), // the properties below are optional AllocationId: jsii.String("allocationId"), IPv6Address: jsii.String("iPv6Address"), PrivateIPv4Address: jsii.String("privateIPv4Address"), }
type CfnTargetGroup ¶
type CfnTargetGroup interface { awscdk.CfnResource awscdk.IInspectable awscdk.ITaggable // The Amazon Resource Name (ARN) of the load balancer that routes traffic to this target group. AttrLoadBalancerArns() *[]*string // The Amazon Resource Name (ARN) of the target group. AttrTargetGroupArn() *string // The full name of the target group. // // For example, `targetgroup/my-target-group/cbf133c568e0d028` . AttrTargetGroupFullName() *string // The name of the target group. // // For example, `my-target-group` . AttrTargetGroupName() *string // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // Indicates whether health checks are enabled. HealthCheckEnabled() interface{} SetHealthCheckEnabled(val interface{}) // The approximate amount of time, in seconds, between health checks of an individual target. HealthCheckIntervalSeconds() *float64 SetHealthCheckIntervalSeconds(val *float64) // [HTTP/HTTPS health checks] The destination for health checks on the targets. HealthCheckPath() *string SetHealthCheckPath(val *string) // The port the load balancer uses when performing health checks on targets. HealthCheckPort() *string SetHealthCheckPort(val *string) // The protocol the load balancer uses when performing health checks on targets. HealthCheckProtocol() *string SetHealthCheckProtocol(val *string) // The amount of time, in seconds, during which no response from a target means a failed health check. HealthCheckTimeoutSeconds() *float64 SetHealthCheckTimeoutSeconds(val *float64) // The number of consecutive health check successes required before considering a target healthy. HealthyThresholdCount() *float64 SetHealthyThresholdCount(val *float64) // The type of IP address used for this target group. IpAddressType() *string SetIpAddressType(val *string) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string // [HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target. Matcher() interface{} SetMatcher(val interface{}) // The name of the target group. Name() *string SetName(val *string) // The tree node. Node() constructs.Node // The port on which the targets receive traffic. Port() *float64 SetPort(val *float64) // The protocol to use for routing traffic to the targets. Protocol() *string SetProtocol(val *string) // [HTTP/HTTPS protocol] The protocol version. ProtocolVersion() *string SetProtocolVersion(val *string) // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // Tag Manager which manages the tags for this resource. Tags() awscdk.TagManager // The tags. TagsRaw() *[]*awscdk.CfnTag SetTagsRaw(val *[]*awscdk.CfnTag) // The attributes. TargetGroupAttributes() interface{} SetTargetGroupAttributes(val interface{}) // The targets. Targets() interface{} SetTargets(val interface{}) // The type of target that you must specify when registering targets with this target group. TargetType() *string SetTargetType(val *string) // The number of consecutive health check failures required before considering a target unhealthy. UnhealthyThresholdCount() *float64 SetUnhealthyThresholdCount(val *float64) // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // The identifier of the virtual private cloud (VPC). VpcId() *string SetVpcId(val *string) // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) }
Specifies a target group for an Application Load Balancer, a Network Load Balancer, or a Gateway Load Balancer.
Before you register a Lambda function as a target, you must create a `AWS::Lambda::Permission` resource that grants the Elastic Load Balancing service principal permission to invoke the Lambda function.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnTargetGroup := awscdk.Aws_elasticloadbalancingv2.NewCfnTargetGroup(this, jsii.String("MyCfnTargetGroup"), &CfnTargetGroupProps{ HealthCheckEnabled: jsii.Boolean(false), HealthCheckIntervalSeconds: jsii.Number(123), HealthCheckPath: jsii.String("healthCheckPath"), HealthCheckPort: jsii.String("healthCheckPort"), HealthCheckProtocol: jsii.String("healthCheckProtocol"), HealthCheckTimeoutSeconds: jsii.Number(123), HealthyThresholdCount: jsii.Number(123), IpAddressType: jsii.String("ipAddressType"), Matcher: &MatcherProperty{ GrpcCode: jsii.String("grpcCode"), HttpCode: jsii.String("httpCode"), }, Name: jsii.String("name"), Port: jsii.Number(123), Protocol: jsii.String("protocol"), ProtocolVersion: jsii.String("protocolVersion"), Tags: []cfnTag{ &cfnTag{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, TargetGroupAttributes: []interface{}{ &TargetGroupAttributeProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, Targets: []interface{}{ &TargetDescriptionProperty{ Id: jsii.String("id"), // the properties below are optional AvailabilityZone: jsii.String("availabilityZone"), Port: jsii.Number(123), }, }, TargetType: jsii.String("targetType"), UnhealthyThresholdCount: jsii.Number(123), VpcId: jsii.String("vpcId"), })
func NewCfnTargetGroup ¶
func NewCfnTargetGroup(scope constructs.Construct, id *string, props *CfnTargetGroupProps) CfnTargetGroup
type CfnTargetGroupProps ¶
type CfnTargetGroupProps struct { // Indicates whether health checks are enabled. // // If the target type is `lambda` , health checks are disabled by default but can be enabled. If the target type is `instance` , `ip` , or `alb` , health checks are always enabled and cannot be disabled. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-healthcheckenabled // HealthCheckEnabled interface{} `field:"optional" json:"healthCheckEnabled" yaml:"healthCheckEnabled"` // The approximate amount of time, in seconds, between health checks of an individual target. // // The range is 5-300. If the target group protocol is TCP, TLS, UDP, TCP_UDP, HTTP or HTTPS, the default is 30 seconds. If the target group protocol is GENEVE, the default is 10 seconds. If the target type is `lambda` , the default is 35 seconds. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-healthcheckintervalseconds // HealthCheckIntervalSeconds *float64 `field:"optional" json:"healthCheckIntervalSeconds" yaml:"healthCheckIntervalSeconds"` // [HTTP/HTTPS health checks] The destination for health checks on the targets. // // [HTTP1 or HTTP2 protocol version] The ping path. The default is /. // // [GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is / AWS .ALB/healthcheck. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-healthcheckpath // HealthCheckPath *string `field:"optional" json:"healthCheckPath" yaml:"healthCheckPath"` // The port the load balancer uses when performing health checks on targets. // // If the protocol is HTTP, HTTPS, TCP, TLS, UDP, or TCP_UDP, the default is `traffic-port` , which is the port on which each target receives traffic from the load balancer. If the protocol is GENEVE, the default is port 80. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-healthcheckport // HealthCheckPort *string `field:"optional" json:"healthCheckPort" yaml:"healthCheckPort"` // The protocol the load balancer uses when performing health checks on targets. // // For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-healthcheckprotocol // HealthCheckProtocol *string `field:"optional" json:"healthCheckProtocol" yaml:"healthCheckProtocol"` // The amount of time, in seconds, during which no response from a target means a failed health check. // // The range is 2–120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is `lambda` , the default is 30 seconds. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-healthchecktimeoutseconds // HealthCheckTimeoutSeconds *float64 `field:"optional" json:"healthCheckTimeoutSeconds" yaml:"healthCheckTimeoutSeconds"` // The number of consecutive health check successes required before considering a target healthy. // // The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 5. For target groups with a protocol of GENEVE, the default is 5. If the target type is `lambda` , the default is 5. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-healthythresholdcount // HealthyThresholdCount *float64 `field:"optional" json:"healthyThresholdCount" yaml:"healthyThresholdCount"` // The type of IP address used for this target group. // // The possible values are `ipv4` and `ipv6` . This is an optional parameter. If not specified, the IP address type defaults to `ipv4` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-ipaddresstype // IpAddressType *string `field:"optional" json:"ipAddressType" yaml:"ipAddressType"` // [HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target. // // For target groups with a protocol of TCP, TCP_UDP, UDP or TLS the range is 200-599. For target groups with a protocol of HTTP or HTTPS, the range is 200-499. For target groups with a protocol of GENEVE, the range is 200-399. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-matcher // Matcher interface{} `field:"optional" json:"matcher" yaml:"matcher"` // The name of the target group. // // This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-name // Name *string `field:"optional" json:"name" yaml:"name"` // The port on which the targets receive traffic. // // This port is used unless you specify a port override when registering the target. If the target is a Lambda function, this parameter does not apply. If the protocol is GENEVE, the supported port is 6081. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-port // Port *float64 `field:"optional" json:"port" yaml:"port"` // The protocol to use for routing traffic to the targets. // // For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, the supported protocol is GENEVE. A TCP_UDP listener must be associated with a TCP_UDP target group. If the target is a Lambda function, this parameter does not apply. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-protocol // Protocol *string `field:"optional" json:"protocol" yaml:"protocol"` // [HTTP/HTTPS protocol] The protocol version. // // The possible values are `GRPC` , `HTTP1` , and `HTTP2` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-protocolversion // ProtocolVersion *string `field:"optional" json:"protocolVersion" yaml:"protocolVersion"` // The tags. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-tags // Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"` // The attributes. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-targetgroupattributes // TargetGroupAttributes interface{} `field:"optional" json:"targetGroupAttributes" yaml:"targetGroupAttributes"` // The targets. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-targets // Targets interface{} `field:"optional" json:"targets" yaml:"targets"` // The type of target that you must specify when registering targets with this target group. // // You can't specify targets for a target group using more than one target type. // // - `instance` - Register targets by instance ID. This is the default value. // - `ip` - Register targets by IP address. You can specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses. // - `lambda` - Register a single Lambda function as a target. // - `alb` - Register a single Application Load Balancer as a target. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-targettype // TargetType *string `field:"optional" json:"targetType" yaml:"targetType"` // The number of consecutive health check failures required before considering a target unhealthy. // // The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 2. For target groups with a protocol of GENEVE, the default is 2. If the target type is `lambda` , the default is 5. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-unhealthythresholdcount // UnhealthyThresholdCount *float64 `field:"optional" json:"unhealthyThresholdCount" yaml:"unhealthyThresholdCount"` // The identifier of the virtual private cloud (VPC). // // If the target is a Lambda function, this parameter does not apply. Otherwise, this parameter is required. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#cfn-elasticloadbalancingv2-targetgroup-vpcid // VpcId *string `field:"optional" json:"vpcId" yaml:"vpcId"` }
Properties for defining a `CfnTargetGroup`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnTargetGroupProps := &CfnTargetGroupProps{ HealthCheckEnabled: jsii.Boolean(false), HealthCheckIntervalSeconds: jsii.Number(123), HealthCheckPath: jsii.String("healthCheckPath"), HealthCheckPort: jsii.String("healthCheckPort"), HealthCheckProtocol: jsii.String("healthCheckProtocol"), HealthCheckTimeoutSeconds: jsii.Number(123), HealthyThresholdCount: jsii.Number(123), IpAddressType: jsii.String("ipAddressType"), Matcher: &MatcherProperty{ GrpcCode: jsii.String("grpcCode"), HttpCode: jsii.String("httpCode"), }, Name: jsii.String("name"), Port: jsii.Number(123), Protocol: jsii.String("protocol"), ProtocolVersion: jsii.String("protocolVersion"), Tags: []cfnTag{ &cfnTag{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, TargetGroupAttributes: []interface{}{ &TargetGroupAttributeProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, Targets: []interface{}{ &TargetDescriptionProperty{ Id: jsii.String("id"), // the properties below are optional AvailabilityZone: jsii.String("availabilityZone"), Port: jsii.Number(123), }, }, TargetType: jsii.String("targetType"), UnhealthyThresholdCount: jsii.Number(123), VpcId: jsii.String("vpcId"), }
type CfnTargetGroup_MatcherProperty ¶
type CfnTargetGroup_MatcherProperty struct { // You can specify values between 0 and 99. // // You can specify multiple values (for example, "0,1") or a range of values (for example, "0-5"). The default value is 12. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-targetgroup-matcher.html#cfn-elasticloadbalancingv2-targetgroup-matcher-grpccode // GrpcCode *string `field:"optional" json:"grpcCode" yaml:"grpcCode"` // For Application Load Balancers, you can specify values between 200 and 499, with the default value being 200. // // You can specify multiple values (for example, "200,202") or a range of values (for example, "200-299"). // // For Network Load Balancers, you can specify values between 200 and 599, with the default value being 200-399. You can specify multiple values (for example, "200,202") or a range of values (for example, "200-299"). // // For Gateway Load Balancers, this must be "200–399". // // Note that when using shorthand syntax, some values such as commas need to be escaped. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-targetgroup-matcher.html#cfn-elasticloadbalancingv2-targetgroup-matcher-httpcode // HttpCode *string `field:"optional" json:"httpCode" yaml:"httpCode"` }
Specifies the HTTP codes that healthy targets must use when responding to an HTTP health check.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" matcherProperty := &MatcherProperty{ GrpcCode: jsii.String("grpcCode"), HttpCode: jsii.String("httpCode"), }
type CfnTargetGroup_TargetDescriptionProperty ¶
type CfnTargetGroup_TargetDescriptionProperty struct { // The ID of the target. // // If the target type of the target group is `instance` , specify an instance ID. If the target type is `ip` , specify an IP address. If the target type is `lambda` , specify the ARN of the Lambda function. If the target type is `alb` , specify the ARN of the Application Load Balancer target. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-targetgroup-targetdescription.html#cfn-elasticloadbalancingv2-targetgroup-targetdescription-id // Id *string `field:"required" json:"id" yaml:"id"` // An Availability Zone or `all` . // // This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer. // // For Application Load Balancer target groups, the specified Availability Zone value is only applicable when cross-zone load balancing is off. Otherwise the parameter is ignored and treated as `all` . // // This parameter is not supported if the target type of the target group is `instance` or `alb` . // // If the target type is `ip` and the IP address is in a subnet of the VPC for the target group, the Availability Zone is automatically detected and this parameter is optional. If the IP address is outside the VPC, this parameter is required. // // For Application Load Balancer target groups with cross-zone load balancing off, if the target type is `ip` and the IP address is outside of the VPC for the target group, this should be an Availability Zone inside the VPC for the target group. // // If the target type is `lambda` , this parameter is optional and the only supported value is `all` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-targetgroup-targetdescription.html#cfn-elasticloadbalancingv2-targetgroup-targetdescription-availabilityzone // AvailabilityZone *string `field:"optional" json:"availabilityZone" yaml:"availabilityZone"` // The port on which the target is listening. // // If the target group protocol is GENEVE, the supported port is 6081. If the target type is `alb` , the targeted Application Load Balancer must have at least one listener whose port matches the target group port. This parameter is not used if the target is a Lambda function. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-targetgroup-targetdescription.html#cfn-elasticloadbalancingv2-targetgroup-targetdescription-port // Port *float64 `field:"optional" json:"port" yaml:"port"` }
Specifies a target to add to a target group.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" targetDescriptionProperty := &TargetDescriptionProperty{ Id: jsii.String("id"), // the properties below are optional AvailabilityZone: jsii.String("availabilityZone"), Port: jsii.Number(123), }
type CfnTargetGroup_TargetGroupAttributeProperty ¶
type CfnTargetGroup_TargetGroupAttributeProperty struct { // The name of the attribute. // // The following attributes are supported by all load balancers: // // - `deregistration_delay.timeout_seconds` - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from `draining` to `unused` . The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported. // - `stickiness.enabled` - Indicates whether target stickiness is enabled. The value is `true` or `false` . The default is `false` . // - `stickiness.type` - Indicates the type of stickiness. The possible values are: // // - `lb_cookie` and `app_cookie` for Application Load Balancers. // - `source_ip` for Network Load Balancers. // - `source_ip_dest_ip` and `source_ip_dest_ip_proto` for Gateway Load Balancers. // // The following attributes are supported by Application Load Balancers and Network Load Balancers: // // - `load_balancing.cross_zone.enabled` - Indicates whether cross zone load balancing is enabled. The value is `true` , `false` or `use_load_balancer_configuration` . The default is `use_load_balancer_configuration` . // - `target_group_health.dns_failover.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to the maximum number of targets. The default is `off` . // - `target_group_health.dns_failover.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to 100. The default is `off` . // - `target_group_health.unhealthy_state_routing.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are 1 to the maximum number of targets. The default is 1. // - `target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `off` or an integer from 1 to 100. The default is `off` . // // The following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address: // // - `load_balancing.algorithm.type` - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is `round_robin` , `least_outstanding_requests` , or `weighted_random` . The default is `round_robin` . // - `load_balancing.algorithm.anomaly_mitigation` - Only available when `load_balancing.algorithm.type` is `weighted_random` . Indicates whether anomaly mitigation is enabled. The value is `on` or `off` . The default is `off` . // - `slow_start.duration_seconds` - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled). // - `stickiness.app_cookie.cookie_name` - Indicates the name of the application-based cookie. Names that start with the following prefixes are not allowed: `AWSALB` , `AWSALBAPP` , and `AWSALBTG` ; they're reserved for use by the load balancer. // - `stickiness.app_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the application-based cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds). // - `stickiness.lb_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds). // // The following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function: // // - `lambda.multi_value_headers.enabled` - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is `true` or `false` . The default is `false` . If the value is `false` and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client. // // The following attributes are supported only by Network Load Balancers: // // - `deregistration_delay.connection_termination.enabled` - Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is `true` or `false` . For new UDP/TCP_UDP target groups the default is `true` . Otherwise, the default is `false` . // - `preserve_client_ip.enabled` - Indicates whether client IP preservation is enabled. The value is `true` or `false` . The default is disabled if the target group type is IP address and the target group protocol is TCP or TLS. Otherwise, the default is enabled. Client IP preservation cannot be disabled for UDP and TCP_UDP target groups. // - `proxy_protocol_v2.enabled` - Indicates whether Proxy Protocol version 2 is enabled. The value is `true` or `false` . The default is `false` . // - `target_health_state.unhealthy.connection_termination.enabled` - Indicates whether the load balancer terminates connections to unhealthy targets. The value is `true` or `false` . The default is `true` . // - `target_health_state.unhealthy.draining_interval_seconds` - The amount of time for Elastic Load Balancing to wait before changing the state of an unhealthy target from `unhealthy.draining` to `unhealthy` . The range is 0-360000 seconds. The default value is 0 seconds. // // Note: This attribute can only be configured when `target_health_state.unhealthy.connection_termination.enabled` is `false` . // // The following attributes are supported only by Gateway Load Balancers: // // - `target_failover.on_deregistration` - Indicates how the Gateway Load Balancer handles existing flows when a target is deregistered. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same. // - `target_failover.on_unhealthy` - Indicates how the Gateway Load Balancer handles existing flows when a target is unhealthy. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) cannot be set independently. The value you set for both attributes must be the same. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-targetgroup-targetgroupattribute.html#cfn-elasticloadbalancingv2-targetgroup-targetgroupattribute-key // Key *string `field:"optional" json:"key" yaml:"key"` // The value of the attribute. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-targetgroup-targetgroupattribute.html#cfn-elasticloadbalancingv2-targetgroup-targetgroupattribute-value // Value *string `field:"optional" json:"value" yaml:"value"` }
Specifies a target group attribute.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" targetGroupAttributeProperty := &TargetGroupAttributeProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }
type CfnTrustStore ¶ added in v2.112.0
type CfnTrustStore interface { awscdk.CfnResource awscdk.IInspectable awscdk.ITaggableV2 // The number of ca certificates in the trust store. AttrNumberOfCaCertificates() *float64 // The current status of the trust store. AttrStatus() *string // The Amazon Resource Name (ARN) of the trust store. AttrTrustStoreArn() *string // The Amazon S3 bucket for the ca certificates bundle. CaCertificatesBundleS3Bucket() *string SetCaCertificatesBundleS3Bucket(val *string) // The Amazon S3 path for the ca certificates bundle. CaCertificatesBundleS3Key() *string SetCaCertificatesBundleS3Key(val *string) // The Amazon S3 object version for the ca certificates bundle. CaCertificatesBundleS3ObjectVersion() *string SetCaCertificatesBundleS3ObjectVersion(val *string) // Tag Manager which manages the tags for this resource. CdkTagManager() awscdk.TagManager // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string // The name of the trust store. Name() *string SetName(val *string) // The tree node. Node() constructs.Node // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // The tags to assign to the trust store. Tags() *[]*awscdk.CfnTag SetTags(val *[]*awscdk.CfnTag) // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) }
Creates a trust store.
You must specify `CaCertificatesBundleS3Bucket` and `CaCertificatesBundleS3Key` .
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnTrustStore := awscdk.Aws_elasticloadbalancingv2.NewCfnTrustStore(this, jsii.String("MyCfnTrustStore"), &CfnTrustStoreProps{ CaCertificatesBundleS3Bucket: jsii.String("caCertificatesBundleS3Bucket"), CaCertificatesBundleS3Key: jsii.String("caCertificatesBundleS3Key"), CaCertificatesBundleS3ObjectVersion: jsii.String("caCertificatesBundleS3ObjectVersion"), Name: jsii.String("name"), Tags: []cfnTag{ &cfnTag{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, })
func NewCfnTrustStore ¶ added in v2.112.0
func NewCfnTrustStore(scope constructs.Construct, id *string, props *CfnTrustStoreProps) CfnTrustStore
type CfnTrustStoreProps ¶ added in v2.112.0
type CfnTrustStoreProps struct { // The Amazon S3 bucket for the ca certificates bundle. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-truststore.html#cfn-elasticloadbalancingv2-truststore-cacertificatesbundles3bucket // CaCertificatesBundleS3Bucket *string `field:"optional" json:"caCertificatesBundleS3Bucket" yaml:"caCertificatesBundleS3Bucket"` // The Amazon S3 path for the ca certificates bundle. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-truststore.html#cfn-elasticloadbalancingv2-truststore-cacertificatesbundles3key // CaCertificatesBundleS3Key *string `field:"optional" json:"caCertificatesBundleS3Key" yaml:"caCertificatesBundleS3Key"` // The Amazon S3 object version for the ca certificates bundle. // // If undefined the current version is used. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-truststore.html#cfn-elasticloadbalancingv2-truststore-cacertificatesbundles3objectversion // CaCertificatesBundleS3ObjectVersion *string `field:"optional" json:"caCertificatesBundleS3ObjectVersion" yaml:"caCertificatesBundleS3ObjectVersion"` // The name of the trust store. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-truststore.html#cfn-elasticloadbalancingv2-truststore-name // Name *string `field:"optional" json:"name" yaml:"name"` // The tags to assign to the trust store. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-truststore.html#cfn-elasticloadbalancingv2-truststore-tags // Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"` }
Properties for defining a `CfnTrustStore`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnTrustStoreProps := &CfnTrustStoreProps{ CaCertificatesBundleS3Bucket: jsii.String("caCertificatesBundleS3Bucket"), CaCertificatesBundleS3Key: jsii.String("caCertificatesBundleS3Key"), CaCertificatesBundleS3ObjectVersion: jsii.String("caCertificatesBundleS3ObjectVersion"), Name: jsii.String("name"), Tags: []cfnTag{ &cfnTag{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, }
type CfnTrustStoreRevocation ¶ added in v2.112.0
type CfnTrustStoreRevocation interface { awscdk.CfnResource awscdk.IInspectable // The revocation ID of the revocation file. AttrRevocationId() *float64 // Information about the revocation file in the trust store. AttrTrustStoreRevocations() awscdk.IResolvable // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string // The tree node. Node() constructs.Node // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // The revocation file to add. RevocationContents() interface{} SetRevocationContents(val interface{}) // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // The Amazon Resource Name (ARN) of the trust store. TrustStoreArn() *string SetTrustStoreArn(val *string) // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) }
Adds the specified revocation contents to the specified trust store.
You must specify `TrustStoreArn` .
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnTrustStoreRevocation := awscdk.Aws_elasticloadbalancingv2.NewCfnTrustStoreRevocation(this, jsii.String("MyCfnTrustStoreRevocation"), &CfnTrustStoreRevocationProps{ RevocationContents: []interface{}{ &RevocationContentProperty{ RevocationType: jsii.String("revocationType"), S3Bucket: jsii.String("s3Bucket"), S3Key: jsii.String("s3Key"), S3ObjectVersion: jsii.String("s3ObjectVersion"), }, }, TrustStoreArn: jsii.String("trustStoreArn"), })
func NewCfnTrustStoreRevocation ¶ added in v2.112.0
func NewCfnTrustStoreRevocation(scope constructs.Construct, id *string, props *CfnTrustStoreRevocationProps) CfnTrustStoreRevocation
type CfnTrustStoreRevocationProps ¶ added in v2.112.0
type CfnTrustStoreRevocationProps struct { // The revocation file to add. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-truststorerevocation.html#cfn-elasticloadbalancingv2-truststorerevocation-revocationcontents // RevocationContents interface{} `field:"optional" json:"revocationContents" yaml:"revocationContents"` // The Amazon Resource Name (ARN) of the trust store. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-truststorerevocation.html#cfn-elasticloadbalancingv2-truststorerevocation-truststorearn // TrustStoreArn *string `field:"optional" json:"trustStoreArn" yaml:"trustStoreArn"` }
Properties for defining a `CfnTrustStoreRevocation`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnTrustStoreRevocationProps := &CfnTrustStoreRevocationProps{ RevocationContents: []interface{}{ &RevocationContentProperty{ RevocationType: jsii.String("revocationType"), S3Bucket: jsii.String("s3Bucket"), S3Key: jsii.String("s3Key"), S3ObjectVersion: jsii.String("s3ObjectVersion"), }, }, TrustStoreArn: jsii.String("trustStoreArn"), }
type CfnTrustStoreRevocation_RevocationContentProperty ¶ added in v2.112.0
type CfnTrustStoreRevocation_RevocationContentProperty struct { // The type of revocation file. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-truststorerevocation-revocationcontent.html#cfn-elasticloadbalancingv2-truststorerevocation-revocationcontent-revocationtype // RevocationType *string `field:"optional" json:"revocationType" yaml:"revocationType"` // The Amazon S3 bucket for the revocation file. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-truststorerevocation-revocationcontent.html#cfn-elasticloadbalancingv2-truststorerevocation-revocationcontent-s3bucket // S3Bucket *string `field:"optional" json:"s3Bucket" yaml:"s3Bucket"` // The Amazon S3 path for the revocation file. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-truststorerevocation-revocationcontent.html#cfn-elasticloadbalancingv2-truststorerevocation-revocationcontent-s3key // S3Key *string `field:"optional" json:"s3Key" yaml:"s3Key"` // The Amazon S3 object version of the revocation file. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-truststorerevocation-revocationcontent.html#cfn-elasticloadbalancingv2-truststorerevocation-revocationcontent-s3objectversion // S3ObjectVersion *string `field:"optional" json:"s3ObjectVersion" yaml:"s3ObjectVersion"` }
Information about a revocation file.
You must specify `S3Bucket` and `S3Key` .
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" revocationContentProperty := &RevocationContentProperty{ RevocationType: jsii.String("revocationType"), S3Bucket: jsii.String("s3Bucket"), S3Key: jsii.String("s3Key"), S3ObjectVersion: jsii.String("s3ObjectVersion"), }
type CfnTrustStoreRevocation_TrustStoreRevocationProperty ¶ added in v2.112.0
type CfnTrustStoreRevocation_TrustStoreRevocationProperty struct { // The number of revoked certificates. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-truststorerevocation-truststorerevocation.html#cfn-elasticloadbalancingv2-truststorerevocation-truststorerevocation-numberofrevokedentries // NumberOfRevokedEntries *float64 `field:"optional" json:"numberOfRevokedEntries" yaml:"numberOfRevokedEntries"` // The revocation ID of the revocation file. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-truststorerevocation-truststorerevocation.html#cfn-elasticloadbalancingv2-truststorerevocation-truststorerevocation-revocationid // RevocationId *string `field:"optional" json:"revocationId" yaml:"revocationId"` // The type of revocation file. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-truststorerevocation-truststorerevocation.html#cfn-elasticloadbalancingv2-truststorerevocation-truststorerevocation-revocationtype // RevocationType *string `field:"optional" json:"revocationType" yaml:"revocationType"` // The Amazon Resource Name (ARN) of the trust store. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-truststorerevocation-truststorerevocation.html#cfn-elasticloadbalancingv2-truststorerevocation-truststorerevocation-truststorearn // TrustStoreArn *string `field:"optional" json:"trustStoreArn" yaml:"trustStoreArn"` }
Information about a revocation file in use by a trust store.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" trustStoreRevocationProperty := &TrustStoreRevocationProperty{ NumberOfRevokedEntries: jsii.Number(123), RevocationId: jsii.String("revocationId"), RevocationType: jsii.String("revocationType"), TrustStoreArn: jsii.String("trustStoreArn"), }
type ClientRoutingPolicy ¶ added in v2.134.0
type ClientRoutingPolicy string
Indicates how traffic is distributed among the load balancer Availability Zones.
Example:
var vpc vpc lb := elbv2.NewNetworkLoadBalancer(this, jsii.String("LB"), &NetworkLoadBalancerProps{ Vpc: Vpc, // Whether deletion protection is enabled. DeletionProtection: jsii.Boolean(true), // Whether cross-zone load balancing is enabled. CrossZoneEnabled: jsii.Boolean(true), // Whether the load balancer blocks traffic through the Internet Gateway (IGW). DenyAllIgwTraffic: jsii.Boolean(false), // Indicates how traffic is distributed among the load balancer Availability Zones. ClientRoutingPolicy: elbv2.ClientRoutingPolicy_AVAILABILITY_ZONE_AFFINITY, })
const ( // 100 percent zonal affinity. ClientRoutingPolicy_AVAILABILITY_ZONE_AFFINITY ClientRoutingPolicy = "AVAILABILITY_ZONE_AFFINITY" // 85 percent zonal affinity. ClientRoutingPolicy_PARTIAL_AVAILABILITY_ZONE_AFFINITY ClientRoutingPolicy = "PARTIAL_AVAILABILITY_ZONE_AFFINITY" // No zonal affinity. ClientRoutingPolicy_ANY_AVAILABILITY_ZONE ClientRoutingPolicy = "ANY_AVAILABILITY_ZONE" )
type DesyncMitigationMode ¶ added in v2.54.0
type DesyncMitigationMode string
How the load balancer handles requests that might pose a security risk to your application.
Example:
var vpc vpc lb := elbv2.NewApplicationLoadBalancer(this, jsii.String("LB"), &ApplicationLoadBalancerProps{ Vpc: Vpc, InternetFacing: jsii.Boolean(true), // Whether HTTP/2 is enabled Http2Enabled: jsii.Boolean(false), // The idle timeout value, in seconds IdleTimeout: awscdk.Duration_Seconds(jsii.Number(1000)), // Whether HTTP headers with header fields thatare not valid // are removed by the load balancer (true), or routed to targets DropInvalidHeaderFields: jsii.Boolean(true), // How the load balancer handles requests that might // pose a security risk to your application DesyncMitigationMode: elbv2.DesyncMitigationMode_DEFENSIVE, // The type of IP addresses to use. IpAddressType: elbv2.IpAddressType_IPV4, // The duration of client keep-alive connections ClientKeepAlive: awscdk.Duration_*Seconds(jsii.Number(500)), // Whether cross-zone load balancing is enabled. CrossZoneEnabled: jsii.Boolean(true), // Whether the load balancer blocks traffic through the Internet Gateway (IGW). DenyAllIgwTraffic: jsii.Boolean(false), // Whether to preserve host header in the request to the target PreserveHostHeader: jsii.Boolean(true), // Whether to add the TLS information header to the request XAmznTlsVersionAndCipherSuiteHeaders: jsii.Boolean(true), // Whether the X-Forwarded-For header should preserve the source port PreserveXffClientPort: jsii.Boolean(true), // The processing mode for X-Forwarded-For headers XffHeaderProcessingMode: elbv2.XffHeaderProcessingMode_APPEND, // Whether to allow a load balancer to route requests to targets if it is unable to forward the request to AWS WAF. WafFailOpen: jsii.Boolean(true), })
const ( // Allows all traffic. DesyncMitigationMode_MONITOR DesyncMitigationMode = "MONITOR" // Provides durable mitigation against HTTP desync while maintaining the availability of your application. DesyncMitigationMode_DEFENSIVE DesyncMitigationMode = "DEFENSIVE" // Receives only requests that comply with RFC 7230. DesyncMitigationMode_STRICTEST DesyncMitigationMode = "STRICTEST" )
type FixedResponseOptions ¶
type FixedResponseOptions struct { // Content Type of the response. // // Valid Values: text/plain | text/css | text/html | application/javascript | application/json. // Default: - Automatically determined. // ContentType *string `field:"optional" json:"contentType" yaml:"contentType"` // The response body. // Default: - No body. // MessageBody *string `field:"optional" json:"messageBody" yaml:"messageBody"` }
Options for `ListenerAction.fixedResponse()`.
Example:
import acm "github.com/aws/aws-cdk-go/awscdk" var certificate certificate var lb applicationLoadBalancer var bucket bucket trustStore := elbv2.NewTrustStore(this, jsii.String("Store"), &TrustStoreProps{ Bucket: Bucket, Key: jsii.String("rootCA_cert.pem"), }) lb.AddListener(jsii.String("Listener"), &BaseApplicationListenerProps{ Port: jsii.Number(443), Protocol: elbv2.ApplicationProtocol_HTTPS, Certificates: []iListenerCertificate{ certificate, }, // mTLS settings MutualAuthentication: &MutualAuthentication{ IgnoreClientCertificateExpiry: jsii.Boolean(false), MutualAuthenticationMode: elbv2.MutualAuthenticationMode_VERIFY, TrustStore: *TrustStore, }, DefaultAction: elbv2.ListenerAction_FixedResponse(jsii.Number(200), &FixedResponseOptions{ ContentType: jsii.String("text/plain"), MessageBody: jsii.String("Success mTLS"), }), })
type ForwardOptions ¶
type ForwardOptions struct { // For how long clients should be directed to the same target group. // // Range between 1 second and 7 days. // Default: - No stickiness. // StickinessDuration awscdk.Duration `field:"optional" json:"stickinessDuration" yaml:"stickinessDuration"` }
Options for `ListenerAction.forward()`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import cdk "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" forwardOptions := &ForwardOptions{ StickinessDuration: cdk.Duration_Minutes(jsii.Number(30)), }
type HealthCheck ¶
type HealthCheck struct { // Indicates whether health checks are enabled. // // If the target type is lambda, // health checks are disabled by default but can be enabled. If the target type // is instance or ip, health checks are always enabled and cannot be disabled. // Default: - Determined automatically. // Enabled *bool `field:"optional" json:"enabled" yaml:"enabled"` // GRPC code to use when checking for a successful response from a target. // // You can specify values between 0 and 99. You can specify multiple values // (for example, "0,1") or a range of values (for example, "0-5"). // Default: - 12. // HealthyGrpcCodes *string `field:"optional" json:"healthyGrpcCodes" yaml:"healthyGrpcCodes"` // HTTP code to use when checking for a successful response from a target. // // For Application Load Balancers, you can specify values between 200 and // 499, and the default value is 200. You can specify multiple values (for // example, "200,202") or a range of values (for example, "200-299"). HealthyHttpCodes *string `field:"optional" json:"healthyHttpCodes" yaml:"healthyHttpCodes"` // The number of consecutive health checks successes required before considering an unhealthy target healthy. // // For Application Load Balancers, the default is 5. For Network Load Balancers, the default is 3. // Default: 5 for ALBs, 3 for NLBs. // HealthyThresholdCount *float64 `field:"optional" json:"healthyThresholdCount" yaml:"healthyThresholdCount"` // The approximate number of seconds between health checks for an individual target. // // Must be 5 to 300 seconds. // Default: 10 seconds if protocol is `GENEVE`, 35 seconds if target type is `lambda`, else 30 seconds. // Interval awscdk.Duration `field:"optional" json:"interval" yaml:"interval"` // The ping path destination where Elastic Load Balancing sends health check requests. // Default: /. // Path *string `field:"optional" json:"path" yaml:"path"` // The port that the load balancer uses when performing health checks on the targets. // Default: 'traffic-port'. // Port *string `field:"optional" json:"port" yaml:"port"` // The protocol the load balancer uses when performing health checks on targets. // // The TCP protocol is supported for health checks only if the protocol of the target group is TCP, TLS, UDP, or TCP_UDP. // The TLS, UDP, and TCP_UDP protocols are not supported for health checks. // Default: HTTP for ALBs, TCP for NLBs. // Protocol Protocol `field:"optional" json:"protocol" yaml:"protocol"` // The amount of time, in seconds, during which no response from a target means a failed health check. // // Must be 2 to 120 seconds. // Default: 6 seconds if the protocol is HTTP, 5 seconds if protocol is `GENEVE`, 30 seconds if target type is `lambda`, 10 seconds for TCP, TLS, or HTTPS. // Timeout awscdk.Duration `field:"optional" json:"timeout" yaml:"timeout"` // The number of consecutive health check failures required before considering a target unhealthy. // // For Application Load Balancers, the default is 2. For Network Load // Balancers, this value must be the same as the healthy threshold count. // Default: 2. // UnhealthyThresholdCount *float64 `field:"optional" json:"unhealthyThresholdCount" yaml:"unhealthyThresholdCount"` }
Properties for configuring a health check.
Example:
var cluster cluster loadBalancedFargateService := ecsPatterns.NewApplicationLoadBalancedFargateService(this, jsii.String("Service"), &ApplicationLoadBalancedFargateServiceProps{ Cluster: Cluster, MemoryLimitMiB: jsii.Number(1024), Cpu: jsii.Number(512), TaskImageOptions: &ApplicationLoadBalancedTaskImageOptions{ Image: ecs.ContainerImage_FromRegistry(jsii.String("amazon/amazon-ecs-sample")), Command: []*string{ jsii.String("command"), }, EntryPoint: []*string{ jsii.String("entry"), jsii.String("point"), }, }, }) loadBalancedFargateService.TargetGroup.ConfigureHealthCheck(&HealthCheck{ Path: jsii.String("/custom-health-path"), })
type HttpCodeElb ¶
type HttpCodeElb string
Count of HTTP status originating from the load balancer.
This count does not include any response codes generated by the targets.
const ( // The number of HTTP 3XX redirection codes that originate from the load balancer. HttpCodeElb_ELB_3XX_COUNT HttpCodeElb = "ELB_3XX_COUNT" // The number of HTTP 4XX client error codes that originate from the load balancer. // // Client errors are generated when requests are malformed or incomplete. // These requests have not been received by the target. This count does not // include any response codes generated by the targets. HttpCodeElb_ELB_4XX_COUNT HttpCodeElb = "ELB_4XX_COUNT" // The number of HTTP 5XX server error codes that originate from the load balancer. HttpCodeElb_ELB_5XX_COUNT HttpCodeElb = "ELB_5XX_COUNT" // The number of HTTP 500 server error codes that originate from the load balancer. HttpCodeElb_ELB_500_COUNT HttpCodeElb = "ELB_500_COUNT" // The number of HTTP 502 server error codes that originate from the load balancer. HttpCodeElb_ELB_502_COUNT HttpCodeElb = "ELB_502_COUNT" // The number of HTTP 503 server error codes that originate from the load balancer. HttpCodeElb_ELB_503_COUNT HttpCodeElb = "ELB_503_COUNT" // The number of HTTP 504 server error codes that originate from the load balancer. HttpCodeElb_ELB_504_COUNT HttpCodeElb = "ELB_504_COUNT" )
type HttpCodeTarget ¶
type HttpCodeTarget string
Count of HTTP status originating from the targets.
Example:
import "github.com/aws/aws-cdk-go/awscdk" var service fargateService var blueTargetGroup applicationTargetGroup var greenTargetGroup applicationTargetGroup var listener iApplicationListener // Alarm on the number of unhealthy ECS tasks in each target group blueUnhealthyHosts := cloudwatch.NewAlarm(this, jsii.String("BlueUnhealthyHosts"), &AlarmProps{ AlarmName: jsii.String(awscdk.stack_Of(this).stackName + "-Unhealthy-Hosts-Blue"), Metric: blueTargetGroup.MetricUnhealthyHostCount(), Threshold: jsii.Number(1), EvaluationPeriods: jsii.Number(2), }) greenUnhealthyHosts := cloudwatch.NewAlarm(this, jsii.String("GreenUnhealthyHosts"), &AlarmProps{ AlarmName: jsii.String(awscdk.stack_Of(this).stackName + "-Unhealthy-Hosts-Green"), Metric: greenTargetGroup.*MetricUnhealthyHostCount(), Threshold: jsii.Number(1), EvaluationPeriods: jsii.Number(2), }) // Alarm on the number of HTTP 5xx responses returned by each target group blueApiFailure := cloudwatch.NewAlarm(this, jsii.String("Blue5xx"), &AlarmProps{ AlarmName: jsii.String(awscdk.stack_Of(this).stackName + "-Http-5xx-Blue"), Metric: blueTargetGroup.MetricHttpCodeTarget(elbv2.HttpCodeTarget_TARGET_5XX_COUNT, &MetricOptions{ Period: awscdk.Duration_Minutes(jsii.Number(1)), }), Threshold: jsii.Number(1), EvaluationPeriods: jsii.Number(1), }) greenApiFailure := cloudwatch.NewAlarm(this, jsii.String("Green5xx"), &AlarmProps{ AlarmName: jsii.String(awscdk.stack_Of(this).stackName + "-Http-5xx-Green"), Metric: greenTargetGroup.*MetricHttpCodeTarget(elbv2.HttpCodeTarget_TARGET_5XX_COUNT, &MetricOptions{ Period: awscdk.Duration_*Minutes(jsii.Number(1)), }), Threshold: jsii.Number(1), EvaluationPeriods: jsii.Number(1), }) codedeploy.NewEcsDeploymentGroup(this, jsii.String("BlueGreenDG"), &EcsDeploymentGroupProps{ // CodeDeploy will monitor these alarms during a deployment and automatically roll back Alarms: []iAlarm{ blueUnhealthyHosts, greenUnhealthyHosts, blueApiFailure, greenApiFailure, }, AutoRollback: &AutoRollbackConfig{ // CodeDeploy will automatically roll back if a deployment is stopped StoppedDeployment: jsii.Boolean(true), }, Service: Service, BlueGreenDeploymentConfig: &EcsBlueGreenDeploymentConfig{ BlueTargetGroup: *BlueTargetGroup, GreenTargetGroup: *GreenTargetGroup, Listener: *Listener, }, DeploymentConfig: codedeploy.EcsDeploymentConfig_CANARY_10PERCENT_5MINUTES(), })
const ( // The number of 2xx response codes from targets. HttpCodeTarget_TARGET_2XX_COUNT HttpCodeTarget = "TARGET_2XX_COUNT" // The number of 3xx response codes from targets. HttpCodeTarget_TARGET_3XX_COUNT HttpCodeTarget = "TARGET_3XX_COUNT" // The number of 4xx response codes from targets. HttpCodeTarget_TARGET_4XX_COUNT HttpCodeTarget = "TARGET_4XX_COUNT" // The number of 5xx response codes from targets. HttpCodeTarget_TARGET_5XX_COUNT HttpCodeTarget = "TARGET_5XX_COUNT" )
type IApplicationListener ¶
type IApplicationListener interface { awsec2.IConnectable IListener // Perform the given action on incoming requests. // // This allows full control of the default action of the load balancer, // including Action chaining, fixed responses and redirect responses. See // the `ListenerAction` class for all options. // // It's possible to add routing conditions to the Action added in this way. // // It is not possible to add a default action to an imported IApplicationListener. // In order to add actions to an imported IApplicationListener a `priority` // must be provided. AddAction(id *string, props *AddApplicationActionProps) // Add one or more certificates to this listener. AddCertificates(id *string, certificates *[]IListenerCertificate) // Load balance incoming requests to the given target groups. // // It's possible to add conditions to the TargetGroups added in this way. // At least one TargetGroup must be added without conditions. AddTargetGroups(id *string, props *AddApplicationTargetGroupsProps) // Load balance incoming requests to the given load balancing targets. // // This method implicitly creates an ApplicationTargetGroup for the targets // involved. // // It's possible to add conditions to the targets added in this way. At least // one set of targets must be added without conditions. // // Returns: The newly created target group. AddTargets(id *string, props *AddApplicationTargetsProps) ApplicationTargetGroup // Register that a connectable that has been added to this load balancer. // // Don't call this directly. It is called by ApplicationTargetGroup. RegisterConnectable(connectable awsec2.IConnectable, portRange awsec2.Port) }
Properties to reference an existing listener.
func ApplicationListener_FromApplicationListenerAttributes ¶
func ApplicationListener_FromApplicationListenerAttributes(scope constructs.Construct, id *string, attrs *ApplicationListenerAttributes) IApplicationListener
Import an existing listener.
func ApplicationListener_FromLookup ¶
func ApplicationListener_FromLookup(scope constructs.Construct, id *string, options *ApplicationListenerLookupOptions) IApplicationListener
Look up an ApplicationListener.
type IApplicationLoadBalancer ¶
type IApplicationLoadBalancer interface { awsec2.IConnectable ILoadBalancerV2 // Add a new listener to this load balancer. AddListener(id *string, props *BaseApplicationListenerProps) ApplicationListener // The IP Address Type for this load balancer. // Default: IpAddressType.IPV4 // IpAddressType() IpAddressType // A list of listeners that have been added to the load balancer. // // This list is only valid for owned constructs. Listeners() *[]ApplicationListener // The ARN of this load balancer. LoadBalancerArn() *string // All metrics available for this load balancer. Metrics() IApplicationLoadBalancerMetrics // The VPC this load balancer has been created in (if available). // // If this interface is the result of an import call to fromApplicationLoadBalancerAttributes, // the vpc attribute will be undefined unless specified in the optional properties of that method. Vpc() awsec2.IVpc }
An application load balancer.
func ApplicationLoadBalancer_FromApplicationLoadBalancerAttributes ¶
func ApplicationLoadBalancer_FromApplicationLoadBalancerAttributes(scope constructs.Construct, id *string, attrs *ApplicationLoadBalancerAttributes) IApplicationLoadBalancer
Import an existing Application Load Balancer.
func ApplicationLoadBalancer_FromLookup ¶
func ApplicationLoadBalancer_FromLookup(scope constructs.Construct, id *string, options *ApplicationLoadBalancerLookupOptions) IApplicationLoadBalancer
Look up an application load balancer.
type IApplicationLoadBalancerMetrics ¶ added in v2.64.0
type IApplicationLoadBalancerMetrics interface { // The total number of concurrent TCP connections active from clients to the load balancer and from the load balancer to targets. // Default: Sum over 5 minutes. // ActiveConnectionCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of TLS connections initiated by the client that did not establish a session with the load balancer. // // Possible causes include a // mismatch of ciphers or protocols. // Default: Sum over 5 minutes. // ClientTlsNegotiationErrorCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of load balancer capacity units (LCU) used by your load balancer. // Default: Sum over 5 minutes. // ConsumedLCUs(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // Return the given named metric for this Application Load Balancer. // Default: Average over 5 minutes. // Custom(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of user authentications that could not be completed. // // Because an authenticate action was misconfigured, the load balancer // couldn't establish a connection with the IdP, or the load balancer // couldn't complete the authentication flow due to an internal error. // Default: Sum over 5 minutes. // ElbAuthError(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of user authentications that could not be completed because the IdP denied access to the user or an authorization code was used more than once. // Default: Sum over 5 minutes. // ElbAuthFailure(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The time elapsed, in milliseconds, to query the IdP for the ID token and user info. // // If one or more of these operations fail, this is the time to failure. // Default: Average over 5 minutes. // ElbAuthLatency(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of authenticate actions that were successful. // // This metric is incremented at the end of the authentication workflow, // after the load balancer has retrieved the user claims from the IdP. // Default: Sum over 5 minutes. // ElbAuthSuccess(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of HTTP 3xx/4xx/5xx codes that originate from the load balancer. // // This does not include any response codes generated by the targets. // Default: Sum over 5 minutes. // HttpCodeElb(code HttpCodeElb, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of HTTP 2xx/3xx/4xx/5xx response codes generated by all targets in the load balancer. // // This does not include any response codes generated by the load balancer. // Default: Sum over 5 minutes. // HttpCodeTarget(code HttpCodeTarget, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of fixed-response actions that were successful. // Default: Sum over 5 minutes. // HttpFixedResponseCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of redirect actions that were successful. // Default: Sum over 5 minutes. // HttpRedirectCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of redirect actions that couldn't be completed because the URL in the response location header is larger than 8K. // Default: Sum over 5 minutes. // HttpRedirectUrlLimitExceededCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of bytes processed by the load balancer over IPv6. // Default: Sum over 5 minutes. // Ipv6ProcessedBytes(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of IPv6 requests received by the load balancer. // Default: Sum over 5 minutes. // Ipv6RequestCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of new TCP connections established from clients to the load balancer and from the load balancer to targets. // Default: Sum over 5 minutes. // NewConnectionCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of bytes processed by the load balancer over IPv4 and IPv6. // Default: Sum over 5 minutes. // ProcessedBytes(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of connections that were rejected because the load balancer had reached its maximum number of connections. // Default: Sum over 5 minutes. // RejectedConnectionCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of requests processed over IPv4 and IPv6. // // This count includes only the requests with a response generated by a target of the load balancer. // Default: Sum over 5 minutes. // RequestCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of rules processed by the load balancer given a request rate averaged over an hour. // Default: Sum over 5 minutes. // RuleEvaluations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of connections that were not successfully established between the load balancer and target. // Default: Sum over 5 minutes. // TargetConnectionErrorCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The time elapsed, in seconds, after the request leaves the load balancer until a response from the target is received. // Default: Average over 5 minutes. // TargetResponseTime(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of TLS connections initiated by the load balancer that did not establish a session with the target. // // Possible causes include a mismatch of ciphers or protocols. // Default: Sum over 5 minutes. // TargetTLSNegotiationErrorCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric }
Contains all metrics for an Application Load Balancer.
type IApplicationLoadBalancerTarget ¶
type IApplicationLoadBalancerTarget interface { // Attach load-balanced target to a TargetGroup. // // May return JSON to directly add to the [Targets] list, or return undefined // if the target will register itself with the load balancer. AttachToApplicationTargetGroup(targetGroup IApplicationTargetGroup) *LoadBalancerTargetProps }
Interface for constructs that can be targets of an application load balancer.
type IApplicationTargetGroup ¶
type IApplicationTargetGroup interface { ITargetGroup // Add a load balancing target to this target group. AddTarget(targets ...IApplicationLoadBalancerTarget) // Register a connectable as a member of this target group. // // Don't call this directly. It will be called by load balancing targets. RegisterConnectable(connectable awsec2.IConnectable, portRange awsec2.Port) // Register a listener that is load balancing to this target group. // // Don't call this directly. It will be called by listeners. RegisterListener(listener IApplicationListener, associatingConstruct constructs.IConstruct) // All metrics available for this target group. Metrics() IApplicationTargetGroupMetrics }
A Target Group for Application Load Balancers.
func ApplicationTargetGroup_FromTargetGroupAttributes ¶
func ApplicationTargetGroup_FromTargetGroupAttributes(scope constructs.Construct, id *string, attrs *TargetGroupAttributes) IApplicationTargetGroup
Import an existing target group.
type IApplicationTargetGroupMetrics ¶ added in v2.65.0
type IApplicationTargetGroupMetrics interface { // Return the given named metric for this Network Target Group. // Default: Average over 5 minutes. // Custom(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of healthy hosts in the target group. // Default: Average over 5 minutes. // HealthyHostCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of HTTP 2xx/3xx/4xx/5xx response codes generated by all targets in this target group. // // This does not include any response codes generated by the load balancer. // Default: Sum over 5 minutes. // HttpCodeTarget(code HttpCodeTarget, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of IPv6 requests received by the target group. // Default: Sum over 5 minutes. // Ipv6RequestCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of requests processed over IPv4 and IPv6. // // This count includes only the requests with a response generated by a target of the load balancer. // Default: Sum over 5 minutes. // RequestCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The average number of requests received by each target in a target group. // // The only valid statistic is Sum. Note that this represents the average not the sum. // Default: Sum over 5 minutes. // RequestCountPerTarget(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of connections that were not successfully established between the load balancer and target. // Default: Sum over 5 minutes. // TargetConnectionErrorCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The time elapsed, in seconds, after the request leaves the load balancer until a response from the target is received. // Default: Average over 5 minutes. // TargetResponseTime(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of TLS connections initiated by the load balancer that did not establish a session with the target. // // Possible causes include a mismatch of ciphers or protocols. // Default: Sum over 5 minutes. // TargetTLSNegotiationErrorCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of unhealthy hosts in the target group. // Default: Average over 5 minutes. // UnhealthyHostCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric }
Contains all metrics for a Target Group of a Application Load Balancer.
type IListener ¶ added in v2.50.0
type IListener interface { awscdk.IResource // ARN of the listener. ListenerArn() *string }
Base interface for listeners.
type IListenerAction ¶
type IListenerAction interface { // Render the listener default actions in this chain. RenderActions() *[]*CfnListener_ActionProperty // Render the listener rule actions in this chain. RenderRuleActions() *[]*CfnListenerRule_ActionProperty }
Interface for listener actions.
type IListenerCertificate ¶
type IListenerCertificate interface { // The ARN of the certificate to use. CertificateArn() *string }
A certificate source for an ELBv2 listener.
type ILoadBalancerV2 ¶
type ILoadBalancerV2 interface { awscdk.IResource // The canonical hosted zone ID of this load balancer. // // Example value: `Z2P70J7EXAMPLE`. LoadBalancerCanonicalHostedZoneId() *string // The DNS name of this load balancer. // // Example value: `my-load-balancer-424835706.us-west-2.elb.amazonaws.com` LoadBalancerDnsName() *string }
type INetworkListener ¶
type INetworkListener interface { IListener }
Properties to reference an existing listener.
func NetworkListener_FromLookup ¶
func NetworkListener_FromLookup(scope constructs.Construct, id *string, options *NetworkListenerLookupOptions) INetworkListener
Looks up a network listener.
func NetworkListener_FromNetworkListenerArn ¶
func NetworkListener_FromNetworkListenerArn(scope constructs.Construct, id *string, networkListenerArn *string) INetworkListener
Import an existing listener.
type INetworkLoadBalancer ¶
type INetworkLoadBalancer interface { awsec2.IConnectable ILoadBalancerV2 awsec2.IVpcEndpointServiceLoadBalancer // Add a listener to this load balancer. // // Returns: The newly created listener. AddListener(id *string, props *BaseNetworkListenerProps) NetworkListener // Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink. // Default: on. // EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic() *string // The type of IP addresses to use. // Default: IpAddressType.IPV4 // IpAddressType() IpAddressType // All metrics available for this load balancer. Metrics() INetworkLoadBalancerMetrics // Security groups associated with this load balancer. SecurityGroups() *[]*string // The VPC this load balancer has been created in (if available). Vpc() awsec2.IVpc }
A network load balancer.
func NetworkLoadBalancer_FromLookup ¶
func NetworkLoadBalancer_FromLookup(scope constructs.Construct, id *string, options *NetworkLoadBalancerLookupOptions) INetworkLoadBalancer
Looks up the network load balancer.
func NetworkLoadBalancer_FromNetworkLoadBalancerAttributes ¶
func NetworkLoadBalancer_FromNetworkLoadBalancerAttributes(scope constructs.Construct, id *string, attrs *NetworkLoadBalancerAttributes) INetworkLoadBalancer
type INetworkLoadBalancerMetrics ¶ added in v2.64.0
type INetworkLoadBalancerMetrics interface { // The total number of concurrent TCP flows (or connections) from clients to targets. // // This metric includes connections in the SYN_SENT and ESTABLISHED states. // TCP connections are not terminated at the load balancer, so a client // opening a TCP connection to a target counts as a single flow. // Default: Average over 5 minutes. // ActiveFlowCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of load balancer capacity units (LCU) used by your load balancer. // Default: Sum over 5 minutes. // ConsumedLCUs(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // Return the given named metric for this Network Load Balancer. // Default: Average over 5 minutes. // Custom(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of new TCP flows (or connections) established from clients to targets in the time period. // Default: Sum over 5 minutes. // NewFlowCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of bytes processed by the load balancer, including TCP/IP headers. // Default: Sum over 5 minutes. // ProcessedBytes(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of reset (RST) packets sent from a client to a target. // // These resets are generated by the client and forwarded by the load balancer. // Default: Sum over 5 minutes. // TcpClientResetCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of reset (RST) packets generated by the load balancer. // Default: Sum over 5 minutes. // TcpElbResetCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of reset (RST) packets sent from a target to a client. // // These resets are generated by the target and forwarded by the load balancer. // Default: Sum over 5 minutes. // TcpTargetResetCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric }
Contains all metrics for a Network Load Balancer.
type INetworkLoadBalancerTarget ¶
type INetworkLoadBalancerTarget interface { // Attach load-balanced target to a TargetGroup. // // May return JSON to directly add to the [Targets] list, or return undefined // if the target will register itself with the load balancer. AttachToNetworkTargetGroup(targetGroup INetworkTargetGroup) *LoadBalancerTargetProps }
Interface for constructs that can be targets of an network load balancer.
type INetworkTargetGroup ¶
type INetworkTargetGroup interface { ITargetGroup // Add a load balancing target to this target group. AddTarget(targets ...INetworkLoadBalancerTarget) // Register a listener that is load balancing to this target group. // // Don't call this directly. It will be called by listeners. RegisterListener(listener INetworkListener) // All metrics available for this target group. Metrics() INetworkTargetGroupMetrics }
A network target group.
func NetworkTargetGroup_FromTargetGroupAttributes ¶
func NetworkTargetGroup_FromTargetGroupAttributes(scope constructs.Construct, id *string, attrs *TargetGroupAttributes) INetworkTargetGroup
Import an existing target group.
type INetworkTargetGroupMetrics ¶ added in v2.65.0
type INetworkTargetGroupMetrics interface { // Return the given named metric for this Network Target Group. // Default: Average over 5 minutes. // Custom(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of targets that are considered healthy. // Default: Average over 5 minutes. // HealthyHostCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of targets that are considered unhealthy. // Default: Average over 5 minutes. // UnHealthyHostCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric }
Contains all metrics for a Target Group of a Network Load Balancer.
type ITargetGroup ¶
type ITargetGroup interface { constructs.IConstruct // A token representing a list of ARNs of the load balancers that route traffic to this target group. LoadBalancerArns() *string // Return an object to depend on the listeners added to this target group. LoadBalancerAttached() constructs.IDependable // ARN of the target group. TargetGroupArn() *string // The name of the target group. TargetGroupName() *string }
A target group.
type ITrustStore ¶ added in v2.154.0
type ITrustStore interface { awscdk.IResource // The ARN of the trust store. TrustStoreArn() *string // The name of the trust store. TrustStoreName() *string }
Represents a Trust Store.
func TrustStore_FromTrustStoreArn ¶ added in v2.154.0
func TrustStore_FromTrustStoreArn(scope constructs.Construct, id *string, trustStoreArn *string) ITrustStore
Import from ARN.
type IpAddressType ¶
type IpAddressType string
What kind of addresses to allocate to the load balancer.
Example:
var vpc vpc lb := elbv2.NewApplicationLoadBalancer(this, jsii.String("LB"), &ApplicationLoadBalancerProps{ Vpc: Vpc, InternetFacing: jsii.Boolean(true), // Whether HTTP/2 is enabled Http2Enabled: jsii.Boolean(false), // The idle timeout value, in seconds IdleTimeout: awscdk.Duration_Seconds(jsii.Number(1000)), // Whether HTTP headers with header fields thatare not valid // are removed by the load balancer (true), or routed to targets DropInvalidHeaderFields: jsii.Boolean(true), // How the load balancer handles requests that might // pose a security risk to your application DesyncMitigationMode: elbv2.DesyncMitigationMode_DEFENSIVE, // The type of IP addresses to use. IpAddressType: elbv2.IpAddressType_IPV4, // The duration of client keep-alive connections ClientKeepAlive: awscdk.Duration_*Seconds(jsii.Number(500)), // Whether cross-zone load balancing is enabled. CrossZoneEnabled: jsii.Boolean(true), // Whether the load balancer blocks traffic through the Internet Gateway (IGW). DenyAllIgwTraffic: jsii.Boolean(false), // Whether to preserve host header in the request to the target PreserveHostHeader: jsii.Boolean(true), // Whether to add the TLS information header to the request XAmznTlsVersionAndCipherSuiteHeaders: jsii.Boolean(true), // Whether the X-Forwarded-For header should preserve the source port PreserveXffClientPort: jsii.Boolean(true), // The processing mode for X-Forwarded-For headers XffHeaderProcessingMode: elbv2.XffHeaderProcessingMode_APPEND, // Whether to allow a load balancer to route requests to targets if it is unable to forward the request to AWS WAF. WafFailOpen: jsii.Boolean(true), })
const ( // Allocate IPv4 addresses. IpAddressType_IPV4 IpAddressType = "IPV4" // Allocate both IPv4 and IPv6 addresses. IpAddressType_DUAL_STACK IpAddressType = "DUAL_STACK" )
type ListenerAction ¶
type ListenerAction interface { IListenerAction Next() ListenerAction // Sets the Action for the `ListenerRule`. // // This method is required to set a dedicated Action to a `ListenerRule` // when the Action for the `CfnListener` and the Action for the `CfnListenerRule` // have different structures. (e.g. `AuthenticateOidcConfig`) AddRuleAction(actionJson *CfnListenerRule_ActionProperty) // Called when the action is being used in a listener. Bind(scope constructs.Construct, listener IApplicationListener, associatingConstruct constructs.IConstruct) // Render the listener default actions in this chain. RenderActions() *[]*CfnListener_ActionProperty // Render the listener rule actions in this chain. RenderRuleActions() *[]*CfnListenerRule_ActionProperty // Renumber the "order" fields in the actions array. // // We don't number for 0 or 1 elements, but otherwise number them 1...#actions // so ELB knows about the right order. // // Do this in `ListenerAction` instead of in `Listener` so that we give // users the opportunity to override by subclassing and overriding `renderActions`. Renumber(actions *[]*CfnListener_ActionProperty) *[]*CfnListener_ActionProperty }
What to do when a client makes a request to a listener.
Some actions can be combined with other ones (specifically, you can perform authentication before serving the request).
Multiple actions form a linked chain; the chain must always terminate in a *(weighted)forward*, *fixedResponse* or *redirect* action.
If an action supports chaining, the next action can be indicated by passing it in the `next` property.
(Called `ListenerAction` instead of the more strictly correct `ListenerAction` because this is the class most users interact with, and we want to make it not too visually overwhelming).
Example:
import acm "github.com/aws/aws-cdk-go/awscdk" var certificate certificate var lb applicationLoadBalancer var bucket bucket trustStore := elbv2.NewTrustStore(this, jsii.String("Store"), &TrustStoreProps{ Bucket: Bucket, Key: jsii.String("rootCA_cert.pem"), }) lb.AddListener(jsii.String("Listener"), &BaseApplicationListenerProps{ Port: jsii.Number(443), Protocol: elbv2.ApplicationProtocol_HTTPS, Certificates: []iListenerCertificate{ certificate, }, // mTLS settings MutualAuthentication: &MutualAuthentication{ IgnoreClientCertificateExpiry: jsii.Boolean(false), MutualAuthenticationMode: elbv2.MutualAuthenticationMode_VERIFY, TrustStore: *TrustStore, }, DefaultAction: elbv2.ListenerAction_FixedResponse(jsii.Number(200), &FixedResponseOptions{ ContentType: jsii.String("text/plain"), MessageBody: jsii.String("Success mTLS"), }), })
func ListenerAction_AuthenticateOidc ¶
func ListenerAction_AuthenticateOidc(options *AuthenticateOidcOptions) ListenerAction
Authenticate using an identity provider (IdP) that is compliant with OpenID Connect (OIDC). See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html#oidc-requirements
func ListenerAction_FixedResponse ¶
func ListenerAction_FixedResponse(statusCode *float64, options *FixedResponseOptions) ListenerAction
Return a fixed response. See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#fixed-response-actions
func ListenerAction_Forward ¶
func ListenerAction_Forward(targetGroups *[]IApplicationTargetGroup, options *ForwardOptions) ListenerAction
Forward to one or more Target Groups. See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#forward-actions
func ListenerAction_Redirect ¶
func ListenerAction_Redirect(options *RedirectOptions) ListenerAction
Redirect to a different URI.
A URI consists of the following components: protocol://hostname:port/path?query. You must modify at least one of the following components to avoid a redirect loop: protocol, hostname, port, or path. Any components that you do not modify retain their original values.
You can reuse URI components using the following reserved keywords:
- `#{protocol}` - `#{host}` - `#{port}` - `#{path}` (the leading "/" is removed) - `#{query}`
For example, you can change the path to "/new/#{path}", the hostname to "example.#{host}", or the query to "#{query}&value=xyz". See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#redirect-actions
func ListenerAction_WeightedForward ¶
func ListenerAction_WeightedForward(targetGroups *[]*WeightedTargetGroup, options *ForwardOptions) ListenerAction
Forward to one or more Target Groups which are weighted differently. See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#forward-actions
func NewListenerAction ¶
func NewListenerAction(defaultActionJson *CfnListener_ActionProperty, next ListenerAction) ListenerAction
Create an instance of ListenerAction.
The default class should be good enough for most cases and should be created by using one of the static factory functions, but allow overriding to make sure we allow flexibility for the future.
type ListenerCertificate ¶
type ListenerCertificate interface { IListenerCertificate // The ARN of the certificate to use. CertificateArn() *string }
A certificate source for an ELBv2 listener.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" listenerCertificate := awscdk.Aws_elasticloadbalancingv2.ListenerCertificate_FromArn(jsii.String("certificateArn"))
func ListenerCertificate_FromArn ¶
func ListenerCertificate_FromArn(certificateArn *string) ListenerCertificate
Use any certificate, identified by its ARN, as a listener certificate.
func ListenerCertificate_FromCertificateManager ¶
func ListenerCertificate_FromCertificateManager(acmCertificate awscertificatemanager.ICertificate) ListenerCertificate
Use an ACM certificate as a listener certificate.
func NewListenerCertificate ¶
func NewListenerCertificate(certificateArn *string) ListenerCertificate
type ListenerCondition ¶
type ListenerCondition interface {
// Render the raw Cfn listener rule condition object.
RenderRawCondition() interface{}
}
ListenerCondition providers definition.
Example:
var listener applicationListener var asg autoScalingGroup listener.AddTargets(jsii.String("Example.Com Fleet"), &AddApplicationTargetsProps{ Priority: jsii.Number(10), Conditions: []listenerCondition{ elbv2.*listenerCondition_HostHeaders([]*string{ jsii.String("example.com"), }), elbv2.*listenerCondition_PathPatterns([]*string{ jsii.String("/ok"), jsii.String("/path"), }), }, Port: jsii.Number(8080), Targets: []iApplicationLoadBalancerTarget{ asg, }, })
func ListenerCondition_HostHeaders ¶
func ListenerCondition_HostHeaders(values *[]*string) ListenerCondition
Create a host-header listener rule condition.
func ListenerCondition_HttpHeader ¶
func ListenerCondition_HttpHeader(name *string, values *[]*string) ListenerCondition
Create a http-header listener rule condition.
func ListenerCondition_HttpRequestMethods ¶
func ListenerCondition_HttpRequestMethods(values *[]*string) ListenerCondition
Create a http-request-method listener rule condition.
func ListenerCondition_PathPatterns ¶
func ListenerCondition_PathPatterns(values *[]*string) ListenerCondition
Create a path-pattern listener rule condition.
func ListenerCondition_QueryStrings ¶
func ListenerCondition_QueryStrings(values *[]*QueryStringCondition) ListenerCondition
Create a query-string listener rule condition.
func ListenerCondition_SourceIps ¶
func ListenerCondition_SourceIps(values *[]*string) ListenerCondition
Create a source-ip listener rule condition.
type LoadBalancerTargetProps ¶
type LoadBalancerTargetProps struct { // What kind of target this is. TargetType TargetType `field:"required" json:"targetType" yaml:"targetType"` // JSON representing the target's direct addition to the TargetGroup list. // // May be omitted if the target is going to register itself later. TargetJson interface{} `field:"optional" json:"targetJson" yaml:"targetJson"` }
Result of attaching a target to load balancer.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var targetJson interface{} loadBalancerTargetProps := &LoadBalancerTargetProps{ TargetType: awscdk.Aws_elasticloadbalancingv2.TargetType_INSTANCE, // the properties below are optional TargetJson: targetJson, }
type MutualAuthentication ¶ added in v2.154.0
type MutualAuthentication struct { // Indicates whether expired client certificates are ignored. // // Cannot be used with MutualAuthenticationMode.OFF or MutualAuthenticationMode.PASS_THROUGH // Default: false. // IgnoreClientCertificateExpiry *bool `field:"optional" json:"ignoreClientCertificateExpiry" yaml:"ignoreClientCertificateExpiry"` // The client certificate handling method. // Default: MutualAuthenticationMode.OFF // MutualAuthenticationMode MutualAuthenticationMode `field:"optional" json:"mutualAuthenticationMode" yaml:"mutualAuthenticationMode"` // The trust store. // // Cannot be used with MutualAuthenticationMode.OFF or MutualAuthenticationMode.PASS_THROUGH // Default: - no trust store. // TrustStore ITrustStore `field:"optional" json:"trustStore" yaml:"trustStore"` }
The mutual authentication configuration information.
Example:
import acm "github.com/aws/aws-cdk-go/awscdk" var certificate certificate var lb applicationLoadBalancer var bucket bucket trustStore := elbv2.NewTrustStore(this, jsii.String("Store"), &TrustStoreProps{ Bucket: Bucket, Key: jsii.String("rootCA_cert.pem"), }) lb.AddListener(jsii.String("Listener"), &BaseApplicationListenerProps{ Port: jsii.Number(443), Protocol: elbv2.ApplicationProtocol_HTTPS, Certificates: []iListenerCertificate{ certificate, }, // mTLS settings MutualAuthentication: &MutualAuthentication{ IgnoreClientCertificateExpiry: jsii.Boolean(false), MutualAuthenticationMode: elbv2.MutualAuthenticationMode_VERIFY, TrustStore: *TrustStore, }, DefaultAction: elbv2.ListenerAction_FixedResponse(jsii.Number(200), &FixedResponseOptions{ ContentType: jsii.String("text/plain"), MessageBody: jsii.String("Success mTLS"), }), })
type MutualAuthenticationMode ¶ added in v2.154.0
type MutualAuthenticationMode string
The client certificate handling method.
Example:
import acm "github.com/aws/aws-cdk-go/awscdk" var certificate certificate var lb applicationLoadBalancer var bucket bucket trustStore := elbv2.NewTrustStore(this, jsii.String("Store"), &TrustStoreProps{ Bucket: Bucket, Key: jsii.String("rootCA_cert.pem"), }) lb.AddListener(jsii.String("Listener"), &BaseApplicationListenerProps{ Port: jsii.Number(443), Protocol: elbv2.ApplicationProtocol_HTTPS, Certificates: []iListenerCertificate{ certificate, }, // mTLS settings MutualAuthentication: &MutualAuthentication{ IgnoreClientCertificateExpiry: jsii.Boolean(false), MutualAuthenticationMode: elbv2.MutualAuthenticationMode_VERIFY, TrustStore: *TrustStore, }, DefaultAction: elbv2.ListenerAction_FixedResponse(jsii.Number(200), &FixedResponseOptions{ ContentType: jsii.String("text/plain"), MessageBody: jsii.String("Success mTLS"), }), })
const ( // Off. MutualAuthenticationMode_OFF MutualAuthenticationMode = "OFF" // Application Load Balancer sends the whole client certificate chain to the target using HTTP headers. MutualAuthenticationMode_PASS_THROUGH MutualAuthenticationMode = "PASS_THROUGH" // Application Load Balancer performs X.509 client certificate authentication for clients when a load balancer negotiates TLS connections. MutualAuthenticationMode_VERIFY MutualAuthenticationMode = "VERIFY" )
type NetworkForwardOptions ¶
type NetworkForwardOptions struct { // For how long clients should be directed to the same target group. // // Range between 1 second and 7 days. // Default: - No stickiness. // StickinessDuration awscdk.Duration `field:"optional" json:"stickinessDuration" yaml:"stickinessDuration"` }
Options for `NetworkListenerAction.forward()`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import cdk "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" networkForwardOptions := &NetworkForwardOptions{ StickinessDuration: cdk.Duration_Minutes(jsii.Number(30)), }
type NetworkListener ¶
type NetworkListener interface { BaseListener INetworkListener // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. Env() *awscdk.ResourceEnvironment // ARN of the listener. ListenerArn() *string // The load balancer this listener is attached to. LoadBalancer() INetworkLoadBalancer // The tree node. Node() constructs.Node // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. PhysicalName() *string // The stack in which this resource is defined. Stack() awscdk.Stack // Perform the given Action on incoming requests. // // This allows full control of the default Action of the load balancer, // including weighted forwarding. See the `NetworkListenerAction` class for // all options. AddAction(_id *string, props *AddNetworkActionProps) // Add one or more certificates to this listener. // // After the first certificate, this creates NetworkListenerCertificates // resources since cloudformation requires the certificates array on the // listener resource to have a length of 1. AddCertificates(id *string, certificates *[]IListenerCertificate) // Load balance incoming requests to the given target groups. // // All target groups will be load balanced to with equal weight and without // stickiness. For a more complex configuration than that, use `addAction()`. AddTargetGroups(_id *string, targetGroups ...INetworkTargetGroup) // Load balance incoming requests to the given load balancing targets. // // This method implicitly creates a NetworkTargetGroup for the targets // involved, and a 'forward' action to route traffic to the given TargetGroup. // // If you want more control over the precise setup, create the TargetGroup // and use `addAction` yourself. // // It's possible to add conditions to the targets added in this way. At least // one set of targets must be added without conditions. // // Returns: The newly created target group. AddTargets(id *string, props *AddNetworkTargetsProps) NetworkTargetGroup // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). ApplyRemovalPolicy(policy awscdk.RemovalPolicy) GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. GetResourceNameAttribute(nameAttr *string) *string // Returns a string representation of this construct. ToString() *string // Validate this listener. ValidateListener() *[]*string }
Define a Network Listener.
Example:
var vpc vpc var asg autoScalingGroup var sg1 iSecurityGroup var sg2 iSecurityGroup // Create the load balancer in a VPC. 'internetFacing' is 'false' // by default, which creates an internal load balancer. lb := elbv2.NewNetworkLoadBalancer(this, jsii.String("LB"), &NetworkLoadBalancerProps{ Vpc: Vpc, InternetFacing: jsii.Boolean(true), SecurityGroups: []*iSecurityGroup{ sg1, }, }) lb.AddSecurityGroup(sg2) // Add a listener on a particular port. listener := lb.AddListener(jsii.String("Listener"), &BaseNetworkListenerProps{ Port: jsii.Number(443), }) // Add targets on a particular port. listener.AddTargets(jsii.String("AppFleet"), &AddNetworkTargetsProps{ Port: jsii.Number(443), Targets: []iNetworkLoadBalancerTarget{ asg, }, })
func NewNetworkListener ¶
func NewNetworkListener(scope constructs.Construct, id *string, props *NetworkListenerProps) NetworkListener
type NetworkListenerAction ¶
type NetworkListenerAction interface { IListenerAction Next() NetworkListenerAction // Called when the action is being used in a listener. Bind(scope constructs.Construct, listener INetworkListener) // Render the listener default actions in this chain. RenderActions() *[]*CfnListener_ActionProperty // Render the listener rule actions in this chain. RenderRuleActions() *[]*CfnListenerRule_ActionProperty // Renumber the "order" fields in the actions array. // // We don't number for 0 or 1 elements, but otherwise number them 1...#actions // so ELB knows about the right order. // // Do this in `NetworkListenerAction` instead of in `Listener` so that we give // users the opportunity to override by subclassing and overriding `renderActions`. Renumber(actions *[]*CfnListener_ActionProperty) *[]*CfnListener_ActionProperty }
What to do when a client makes a request to a listener.
Some actions can be combined with other ones (specifically, you can perform authentication before serving the request).
Multiple actions form a linked chain; the chain must always terminate in a *(weighted)forward*, *fixedResponse* or *redirect* action.
If an action supports chaining, the next action can be indicated by passing it in the `next` property.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import cdk "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" var networkTargetGroup networkTargetGroup networkListenerAction := awscdk.Aws_elasticloadbalancingv2.NetworkListenerAction_Forward([]iNetworkTargetGroup{ networkTargetGroup, }, &NetworkForwardOptions{ StickinessDuration: cdk.Duration_Minutes(jsii.Number(30)), })
func NetworkListenerAction_Forward ¶
func NetworkListenerAction_Forward(targetGroups *[]INetworkTargetGroup, options *NetworkForwardOptions) NetworkListenerAction
Forward to one or more Target Groups.
func NetworkListenerAction_WeightedForward ¶
func NetworkListenerAction_WeightedForward(targetGroups *[]*NetworkWeightedTargetGroup, options *NetworkForwardOptions) NetworkListenerAction
Forward to one or more Target Groups which are weighted differently.
func NewNetworkListenerAction ¶
func NewNetworkListenerAction(defaultActionJson *CfnListener_ActionProperty, next NetworkListenerAction) NetworkListenerAction
Create an instance of NetworkListenerAction.
The default class should be good enough for most cases and should be created by using one of the static factory functions, but allow overriding to make sure we allow flexibility for the future.
type NetworkListenerLookupOptions ¶
type NetworkListenerLookupOptions struct { // Filter listeners by listener port. // Default: - does not filter by listener port. // ListenerPort *float64 `field:"optional" json:"listenerPort" yaml:"listenerPort"` // Filter listeners by associated load balancer arn. // Default: - does not filter by load balancer arn. // LoadBalancerArn *string `field:"optional" json:"loadBalancerArn" yaml:"loadBalancerArn"` // Filter listeners by associated load balancer tags. // Default: - does not filter by load balancer tags. // LoadBalancerTags *map[string]*string `field:"optional" json:"loadBalancerTags" yaml:"loadBalancerTags"` // Protocol of the listener port. // Default: - listener is not filtered by protocol. // ListenerProtocol Protocol `field:"optional" json:"listenerProtocol" yaml:"listenerProtocol"` }
Options for looking up a network listener.
Example:
listener := elbv2.NetworkListener_FromLookup(this, jsii.String("ALBListener"), &NetworkListenerLookupOptions{ LoadBalancerTags: map[string]*string{ "Cluster": jsii.String("MyClusterName"), }, ListenerProtocol: elbv2.Protocol_TCP, ListenerPort: jsii.Number(12345), })
type NetworkListenerProps ¶
type NetworkListenerProps struct { // The port on which the listener listens for requests. Port *float64 `field:"required" json:"port" yaml:"port"` // Application-Layer Protocol Negotiation (ALPN) is a TLS extension that is sent on the initial TLS handshake hello messages. // // ALPN enables the application layer to negotiate which protocols should be used over a secure connection, such as HTTP/1 and HTTP/2. // // Can only be specified together with Protocol TLS. // Default: - None. // AlpnPolicy AlpnPolicy `field:"optional" json:"alpnPolicy" yaml:"alpnPolicy"` // Certificate list of ACM cert ARNs. // // You must provide exactly one certificate if the listener protocol is HTTPS or TLS. // Default: - No certificates. // Certificates *[]IListenerCertificate `field:"optional" json:"certificates" yaml:"certificates"` // Default action to take for requests to this listener. // // This allows full control of the default Action of the load balancer, // including weighted forwarding. See the `NetworkListenerAction` class for // all options. // // Cannot be specified together with `defaultTargetGroups`. // Default: - None. // DefaultAction NetworkListenerAction `field:"optional" json:"defaultAction" yaml:"defaultAction"` // Default target groups to load balance to. // // All target groups will be load balanced to with equal weight and without // stickiness. For a more complex configuration than that, use // either `defaultAction` or `addAction()`. // // Cannot be specified together with `defaultAction`. // Default: - None. // DefaultTargetGroups *[]INetworkTargetGroup `field:"optional" json:"defaultTargetGroups" yaml:"defaultTargetGroups"` // Protocol for listener, expects TCP, TLS, UDP, or TCP_UDP. // Default: - TLS if certificates are provided. TCP otherwise. // Protocol Protocol `field:"optional" json:"protocol" yaml:"protocol"` // SSL Policy. // Default: - Current predefined security policy. // SslPolicy SslPolicy `field:"optional" json:"sslPolicy" yaml:"sslPolicy"` // The load balancer to attach this listener to. LoadBalancer INetworkLoadBalancer `field:"required" json:"loadBalancer" yaml:"loadBalancer"` }
Properties for a Network Listener attached to a Load Balancer.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var listenerCertificate listenerCertificate var networkListenerAction networkListenerAction var networkLoadBalancer networkLoadBalancer var networkTargetGroup networkTargetGroup networkListenerProps := &NetworkListenerProps{ LoadBalancer: networkLoadBalancer, Port: jsii.Number(123), // the properties below are optional AlpnPolicy: awscdk.Aws_elasticloadbalancingv2.AlpnPolicy_HTTP1_ONLY, Certificates: []iListenerCertificate{ listenerCertificate, }, DefaultAction: networkListenerAction, DefaultTargetGroups: []iNetworkTargetGroup{ networkTargetGroup, }, Protocol: awscdk.*Aws_elasticloadbalancingv2.Protocol_HTTP, SslPolicy: awscdk.*Aws_elasticloadbalancingv2.SslPolicy_RECOMMENDED_TLS, }
type NetworkLoadBalancer ¶
type NetworkLoadBalancer interface { BaseLoadBalancer INetworkLoadBalancer // The network connections associated with this resource. Connections() awsec2.Connections // Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink. EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic() *string // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. Env() *awscdk.ResourceEnvironment // The type of IP addresses to use. IpAddressType() IpAddressType // The ARN of this load balancer. // // Example value: `arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-internal-load-balancer/50dc6c495c0c9188`. LoadBalancerArn() *string // The canonical hosted zone ID of this load balancer. // // Example value: `Z2P70J7EXAMPLE`. LoadBalancerCanonicalHostedZoneId() *string // The DNS name of this load balancer. // // Example value: `my-load-balancer-424835706.us-west-2.elb.amazonaws.com` LoadBalancerDnsName() *string // The full name of this load balancer. // // Example value: `app/my-load-balancer/50dc6c495c0c9188`. LoadBalancerFullName() *string // The name of this load balancer. // // Example value: `my-load-balancer`. LoadBalancerName() *string LoadBalancerSecurityGroups() *[]*string // All metrics available for this load balancer. Metrics() INetworkLoadBalancerMetrics // The tree node. Node() constructs.Node // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. PhysicalName() *string // After the implementation of `IConnectable` (see https://github.com/aws/aws-cdk/pull/28494), the default value for `securityGroups` is set by the `ec2.Connections` constructor to an empty array. To keep backward compatibility (`securityGroups` is `undefined` if the related property is not specified) a getter has been added. SecurityGroups() *[]*string // The stack in which this resource is defined. Stack() awscdk.Stack // The VPC this load balancer has been created in. // // This property is always defined (not `null` or `undefined`) for sub-classes of `BaseLoadBalancer`. Vpc() awsec2.IVpc // Add a listener to this load balancer. // // Returns: The newly created listener. AddListener(id *string, props *BaseNetworkListenerProps) NetworkListener // Add a security group to this load balancer. AddSecurityGroup(securityGroup awsec2.ISecurityGroup) // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). ApplyRemovalPolicy(policy awscdk.RemovalPolicy) GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. GetResourceNameAttribute(nameAttr *string) *string // Enable access logging for this load balancer. // // A region must be specified on the stack containing the load balancer; you cannot enable logging on // environment-agnostic stacks. See https://docs.aws.amazon.com/cdk/latest/guide/environments.html LogAccessLogs(bucket awss3.IBucket, prefix *string) // Return the given named metric for this Network Load Balancer. // Default: Average over 5 minutes. // // Deprecated: Use “NetworkLoadBalancer.metrics.custom“ instead Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of concurrent TCP flows (or connections) from clients to targets. // // This metric includes connections in the SYN_SENT and ESTABLISHED states. // TCP connections are not terminated at the load balancer, so a client // opening a TCP connection to a target counts as a single flow. // Default: Average over 5 minutes. // // Deprecated: Use “NetworkLoadBalancer.metrics.activeFlowCount“ instead MetricActiveFlowCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of load balancer capacity units (LCU) used by your load balancer. // Default: Sum over 5 minutes. // // Deprecated: Use “NetworkLoadBalancer.metrics.activeFlowCount“ instead MetricConsumedLCUs(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of new TCP flows (or connections) established from clients to targets in the time period. // Default: Sum over 5 minutes. // // Deprecated: Use “NetworkLoadBalancer.metrics.newFlowCount“ instead MetricNewFlowCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of bytes processed by the load balancer, including TCP/IP headers. // Default: Sum over 5 minutes. // // Deprecated: Use “NetworkLoadBalancer.metrics.processedBytes“ instead MetricProcessedBytes(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of reset (RST) packets sent from a client to a target. // // These resets are generated by the client and forwarded by the load balancer. // Default: Sum over 5 minutes. // // Deprecated: Use “NetworkLoadBalancer.metrics.tcpClientResetCount“ instead MetricTcpClientResetCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of reset (RST) packets generated by the load balancer. // Default: Sum over 5 minutes. // // Deprecated: Use “NetworkLoadBalancer.metrics.tcpElbResetCount“ instead MetricTcpElbResetCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The total number of reset (RST) packets sent from a target to a client. // // These resets are generated by the target and forwarded by the load balancer. // Default: Sum over 5 minutes. // // Deprecated: Use “NetworkLoadBalancer.metrics.tcpTargetResetCount“ instead MetricTcpTargetResetCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // Remove an attribute from the load balancer. RemoveAttribute(key *string) ResourcePolicyPrincipal() awsiam.IPrincipal // Set a non-standard attribute on the load balancer. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#load-balancer-attributes // SetAttribute(key *string, value *string) // Returns a string representation of this construct. ToString() *string ValidateLoadBalancer() *[]*string }
Define a new network load balancer.
Example:
import "github.com/aws/aws-cdk-go/awscdk" vpc := ec2.NewVpc(this, jsii.String("VPC")) lb := elbv2.NewNetworkLoadBalancer(this, jsii.String("lb"), &NetworkLoadBalancerProps{ Vpc: Vpc, }) listener := lb.AddListener(jsii.String("listener"), &BaseNetworkListenerProps{ Port: jsii.Number(80), }) listener.AddTargets(jsii.String("target"), &AddNetworkTargetsProps{ Port: jsii.Number(80), }) httpEndpoint := apigwv2.NewHttpApi(this, jsii.String("HttpProxyPrivateApi"), &HttpApiProps{ DefaultIntegration: awscdk.NewHttpNlbIntegration(jsii.String("DefaultIntegration"), listener), })
func NewNetworkLoadBalancer ¶
func NewNetworkLoadBalancer(scope constructs.Construct, id *string, props *NetworkLoadBalancerProps) NetworkLoadBalancer
type NetworkLoadBalancerAttributes ¶
type NetworkLoadBalancerAttributes struct { // ARN of the load balancer. LoadBalancerArn *string `field:"required" json:"loadBalancerArn" yaml:"loadBalancerArn"` // The canonical hosted zone ID of this load balancer. // Default: - When not provided, LB cannot be used as Route53 Alias target. // LoadBalancerCanonicalHostedZoneId *string `field:"optional" json:"loadBalancerCanonicalHostedZoneId" yaml:"loadBalancerCanonicalHostedZoneId"` // The DNS name of this load balancer. // Default: - When not provided, LB cannot be used as Route53 Alias target. // LoadBalancerDnsName *string `field:"optional" json:"loadBalancerDnsName" yaml:"loadBalancerDnsName"` // Security groups to associate with this load balancer. // Default: - No security groups associated with the load balancer. // LoadBalancerSecurityGroups *[]*string `field:"optional" json:"loadBalancerSecurityGroups" yaml:"loadBalancerSecurityGroups"` // The VPC to associate with the load balancer. // Default: - When not provided, listeners cannot be created on imported load // balancers. // Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"` }
Properties to reference an existing load balancer.
Example:
// Create an Accelerator accelerator := globalaccelerator.NewAccelerator(this, jsii.String("Accelerator")) // Create a Listener listener := accelerator.AddListener(jsii.String("Listener"), &ListenerOptions{ PortRanges: []portRange{ &portRange{ FromPort: jsii.Number(80), }, &portRange{ FromPort: jsii.Number(443), }, }, }) // Import the Load Balancers nlb1 := elbv2.NetworkLoadBalancer_FromNetworkLoadBalancerAttributes(this, jsii.String("NLB1"), &NetworkLoadBalancerAttributes{ LoadBalancerArn: jsii.String("arn:aws:elasticloadbalancing:us-west-2:111111111111:loadbalancer/app/my-load-balancer1/e16bef66805b"), }) nlb2 := elbv2.NetworkLoadBalancer_FromNetworkLoadBalancerAttributes(this, jsii.String("NLB2"), &NetworkLoadBalancerAttributes{ LoadBalancerArn: jsii.String("arn:aws:elasticloadbalancing:ap-south-1:111111111111:loadbalancer/app/my-load-balancer2/5513dc2ea8a1"), }) // Add one EndpointGroup for each Region we are targeting listener.AddEndpointGroup(jsii.String("Group1"), &EndpointGroupOptions{ Endpoints: []iEndpoint{ ga_endpoints.NewNetworkLoadBalancerEndpoint(nlb1), }, }) listener.AddEndpointGroup(jsii.String("Group2"), &EndpointGroupOptions{ // Imported load balancers automatically calculate their Region from the ARN. // If you are load balancing to other resources, you must also pass a `region` // parameter here. Endpoints: []*iEndpoint{ ga_endpoints.NewNetworkLoadBalancerEndpoint(nlb2), }, })
type NetworkLoadBalancerLookupOptions ¶
type NetworkLoadBalancerLookupOptions struct { // Find by load balancer's ARN. // Default: - does not search by load balancer arn. // LoadBalancerArn *string `field:"optional" json:"loadBalancerArn" yaml:"loadBalancerArn"` // Match load balancer tags. // Default: - does not match load balancers by tags. // LoadBalancerTags *map[string]*string `field:"optional" json:"loadBalancerTags" yaml:"loadBalancerTags"` }
Options for looking up an NetworkLoadBalancer.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" networkLoadBalancerLookupOptions := &NetworkLoadBalancerLookupOptions{ LoadBalancerArn: jsii.String("loadBalancerArn"), LoadBalancerTags: map[string]*string{ "loadBalancerTagsKey": jsii.String("loadBalancerTags"), }, }
type NetworkLoadBalancerProps ¶
type NetworkLoadBalancerProps struct { // The VPC network to place the load balancer in. Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"` // Indicates whether cross-zone load balancing is enabled. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattribute.html // // Default: - false for Network Load Balancers and true for Application Load Balancers. // This can not be `false` for Application Load Balancers. // CrossZoneEnabled *bool `field:"optional" json:"crossZoneEnabled" yaml:"crossZoneEnabled"` // Indicates whether deletion protection is enabled. // Default: false. // DeletionProtection *bool `field:"optional" json:"deletionProtection" yaml:"deletionProtection"` // Indicates whether the load balancer blocks traffic through the Internet Gateway (IGW). // Default: - false for internet-facing load balancers and true for internal load balancers. // DenyAllIgwTraffic *bool `field:"optional" json:"denyAllIgwTraffic" yaml:"denyAllIgwTraffic"` // Whether the load balancer has an internet-routable address. // Default: false. // InternetFacing *bool `field:"optional" json:"internetFacing" yaml:"internetFacing"` // Name of the load balancer. // Default: - Automatically generated name. // LoadBalancerName *string `field:"optional" json:"loadBalancerName" yaml:"loadBalancerName"` // Which subnets place the load balancer in. // Default: - the Vpc default strategy. // VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"` // The AZ affinity routing policy. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#zonal-dns-affinity // // Default: - AZ affinity is disabled. // ClientRoutingPolicy ClientRoutingPolicy `field:"optional" json:"clientRoutingPolicy" yaml:"clientRoutingPolicy"` // Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink. // Default: true. // EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic *bool `` /* 136-byte string literal not displayed */ // The type of IP addresses to use. // // If you want to add a UDP or TCP_UDP listener to the load balancer, // you must choose IPv4. // Default: IpAddressType.IPV4 // IpAddressType IpAddressType `field:"optional" json:"ipAddressType" yaml:"ipAddressType"` // Security groups to associate with this load balancer. // Default: - No security groups associated with the load balancer. // SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"` }
Properties for a network load balancer.
Example:
import "github.com/aws/aws-cdk-go/awscdk" vpc := ec2.NewVpc(this, jsii.String("VPC")) lb := elbv2.NewNetworkLoadBalancer(this, jsii.String("lb"), &NetworkLoadBalancerProps{ Vpc: Vpc, }) listener := lb.AddListener(jsii.String("listener"), &BaseNetworkListenerProps{ Port: jsii.Number(80), }) listener.AddTargets(jsii.String("target"), &AddNetworkTargetsProps{ Port: jsii.Number(80), }) httpEndpoint := apigwv2.NewHttpApi(this, jsii.String("HttpProxyPrivateApi"), &HttpApiProps{ DefaultIntegration: awscdk.NewHttpNlbIntegration(jsii.String("DefaultIntegration"), listener), })
type NetworkTargetGroup ¶
type NetworkTargetGroup interface { TargetGroupBase INetworkTargetGroup // Default port configured for members of this target group. DefaultPort() *float64 // Full name of first load balancer. FirstLoadBalancerFullName() *string // Health check for the members of this target group. HealthCheck() *HealthCheck SetHealthCheck(val *HealthCheck) // A token representing a list of ARNs of the load balancers that route traffic to this target group. LoadBalancerArns() *string // List of constructs that need to be depended on to ensure the TargetGroup is associated to a load balancer. LoadBalancerAttached() constructs.IDependable // Configurable dependable with all resources that lead to load balancer attachment. LoadBalancerAttachedDependencies() constructs.DependencyGroup // All metrics available for this target group. Metrics() INetworkTargetGroupMetrics // The tree node. Node() constructs.Node // The ARN of the target group. TargetGroupArn() *string // The full name of the target group. TargetGroupFullName() *string // ARNs of load balancers load balancing to this TargetGroup. TargetGroupLoadBalancerArns() *[]*string // The name of the target group. TargetGroupName() *string // The types of the directly registered members of this target group. TargetType() TargetType SetTargetType(val TargetType) // Register the given load balancing target as part of this group. AddLoadBalancerTarget(props *LoadBalancerTargetProps) // Add a load balancing target to this target group. AddTarget(targets ...INetworkLoadBalancerTarget) // Set/replace the target group's health check. ConfigureHealthCheck(healthCheck *HealthCheck) // The number of targets that are considered healthy. // Default: Average over 5 minutes. // // Deprecated: Use “NetworkTargetGroup.metrics.healthyHostCount“ instead MetricHealthyHostCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // The number of targets that are considered unhealthy. // Default: Average over 5 minutes. // // Deprecated: Use “NetworkTargetGroup.metrics.healthyHostCount“ instead MetricUnHealthyHostCount(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // Register a listener that is load balancing to this target group. // // Don't call this directly. It will be called by listeners. RegisterListener(listener INetworkListener) // Set a non-standard attribute on the target group. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#target-group-attributes // SetAttribute(key *string, value *string) // Returns a string representation of this construct. ToString() *string ValidateHealthCheck() *[]*string ValidateTargetGroup() *[]*string }
Define a Network Target Group.
Example:
import elb "github.com/aws/aws-cdk-go/awscdk" import elb2 "github.com/aws/aws-cdk-go/awscdk" var clb loadBalancer var alb applicationLoadBalancer var nlb networkLoadBalancer albListener := alb.AddListener(jsii.String("ALBListener"), &BaseApplicationListenerProps{ Port: jsii.Number(80), }) albTargetGroup := albListener.AddTargets(jsii.String("ALBFleet"), &AddApplicationTargetsProps{ Port: jsii.Number(80), }) nlbListener := nlb.AddListener(jsii.String("NLBListener"), &BaseNetworkListenerProps{ Port: jsii.Number(80), }) nlbTargetGroup := nlbListener.AddTargets(jsii.String("NLBFleet"), &AddNetworkTargetsProps{ Port: jsii.Number(80), }) deploymentGroup := codedeploy.NewServerDeploymentGroup(this, jsii.String("DeploymentGroup"), &ServerDeploymentGroupProps{ LoadBalancers: []loadBalancer{ codedeploy.*loadBalancer_Classic(clb), codedeploy.*loadBalancer_Application(albTargetGroup), codedeploy.*loadBalancer_Network(nlbTargetGroup), }, })
func NewNetworkTargetGroup ¶
func NewNetworkTargetGroup(scope constructs.Construct, id *string, props *NetworkTargetGroupProps) NetworkTargetGroup
type NetworkTargetGroupProps ¶
type NetworkTargetGroupProps struct { // The amount of time for Elastic Load Balancing to wait before deregistering a target. // // The range is 0-3600 seconds. // Default: 300. // DeregistrationDelay awscdk.Duration `field:"optional" json:"deregistrationDelay" yaml:"deregistrationDelay"` // Health check configuration. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#aws-resource-elasticloadbalancingv2-targetgroup-properties // // Default: - The default value for each property in this configuration varies depending on the target. // HealthCheck *HealthCheck `field:"optional" json:"healthCheck" yaml:"healthCheck"` // The name of the target group. // // This name must be unique per region per account, can have a maximum of // 32 characters, must contain only alphanumeric characters or hyphens, and // must not begin or end with a hyphen. // Default: - Automatically generated. // TargetGroupName *string `field:"optional" json:"targetGroupName" yaml:"targetGroupName"` // The type of targets registered to this TargetGroup, either IP or Instance. // // All targets registered into the group must be of this type. If you // register targets to the TargetGroup in the CDK app, the TargetType is // determined automatically. // Default: - Determined automatically. // TargetType TargetType `field:"optional" json:"targetType" yaml:"targetType"` // The virtual private cloud (VPC). // // only if `TargetType` is `Ip` or `InstanceId`. // Default: - undefined. // Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"` // The port on which the target receives traffic. Port *float64 `field:"required" json:"port" yaml:"port"` // Indicates whether the load balancer terminates connections at the end of the deregistration timeout. // Default: false. // ConnectionTermination *bool `field:"optional" json:"connectionTermination" yaml:"connectionTermination"` // Indicates whether client IP preservation is enabled. // Default: false if the target group type is IP address and the // target group protocol is TCP or TLS. Otherwise, true. // PreserveClientIp *bool `field:"optional" json:"preserveClientIp" yaml:"preserveClientIp"` // Protocol for target group, expects TCP, TLS, UDP, or TCP_UDP. // Default: - TCP. // Protocol Protocol `field:"optional" json:"protocol" yaml:"protocol"` // Indicates whether Proxy Protocol version 2 is enabled. // Default: false. // ProxyProtocolV2 *bool `field:"optional" json:"proxyProtocolV2" yaml:"proxyProtocolV2"` // The targets to add to this target group. // // Can be `Instance`, `IPAddress`, or any self-registering load balancing // target. If you use either `Instance` or `IPAddress` as targets, all // target must be of the same type. // Default: - No targets. // Targets *[]INetworkLoadBalancerTarget `field:"optional" json:"targets" yaml:"targets"` }
Properties for a new Network Target Group.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" var networkLoadBalancerTarget iNetworkLoadBalancerTarget var vpc vpc networkTargetGroupProps := &NetworkTargetGroupProps{ Port: jsii.Number(123), // the properties below are optional ConnectionTermination: jsii.Boolean(false), DeregistrationDelay: cdk.Duration_Minutes(jsii.Number(30)), HealthCheck: &HealthCheck{ Enabled: jsii.Boolean(false), HealthyGrpcCodes: jsii.String("healthyGrpcCodes"), HealthyHttpCodes: jsii.String("healthyHttpCodes"), HealthyThresholdCount: jsii.Number(123), Interval: cdk.Duration_*Minutes(jsii.Number(30)), Path: jsii.String("path"), Port: jsii.String("port"), Protocol: awscdk.Aws_elasticloadbalancingv2.Protocol_HTTP, Timeout: cdk.Duration_*Minutes(jsii.Number(30)), UnhealthyThresholdCount: jsii.Number(123), }, PreserveClientIp: jsii.Boolean(false), Protocol: awscdk.*Aws_elasticloadbalancingv2.Protocol_HTTP, ProxyProtocolV2: jsii.Boolean(false), TargetGroupName: jsii.String("targetGroupName"), Targets: []*iNetworkLoadBalancerTarget{ networkLoadBalancerTarget, }, TargetType: awscdk.*Aws_elasticloadbalancingv2.TargetType_INSTANCE, Vpc: vpc, }
type NetworkWeightedTargetGroup ¶
type NetworkWeightedTargetGroup struct { // The target group. TargetGroup INetworkTargetGroup `field:"required" json:"targetGroup" yaml:"targetGroup"` // The target group's weight. // // Range is [0..1000). // Default: 1. // Weight *float64 `field:"optional" json:"weight" yaml:"weight"` }
A Target Group and weight combination.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var networkTargetGroup networkTargetGroup networkWeightedTargetGroup := &NetworkWeightedTargetGroup{ TargetGroup: networkTargetGroup, // the properties below are optional Weight: jsii.Number(123), }
type Protocol ¶
type Protocol string
Backend protocol for network load balancers and health checks.
Example:
import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" vpc := ec2.NewVpc(this, jsii.String("Vpc"), &VpcProps{ MaxAzs: jsii.Number(1), }) loadBalancedFargateService := ecsPatterns.NewApplicationMultipleTargetGroupsFargateService(this, jsii.String("myService"), &ApplicationMultipleTargetGroupsFargateServiceProps{ Cluster: ecs.NewCluster(this, jsii.String("EcsCluster"), &ClusterProps{ Vpc: *Vpc, }), MemoryLimitMiB: jsii.Number(256), TaskImageOptions: &ApplicationLoadBalancedTaskImageProps{ Image: ecs.ContainerImage_FromRegistry(jsii.String("amazon/amazon-ecs-sample")), }, EnableExecuteCommand: jsii.Boolean(true), LoadBalancers: []applicationLoadBalancerProps{ &applicationLoadBalancerProps{ Name: jsii.String("lb"), IdleTimeout: awscdk.Duration_Seconds(jsii.Number(400)), DomainName: jsii.String("api.example.com"), DomainZone: awscdk.NewPublicHostedZone(this, jsii.String("HostedZone"), &PublicHostedZoneProps{ ZoneName: jsii.String("example.com"), }), Listeners: []applicationListenerProps{ &applicationListenerProps{ Name: jsii.String("listener"), Protocol: awscdk.ApplicationProtocol_HTTPS, Certificate: awscdk.Certificate_FromCertificateArn(this, jsii.String("Cert"), jsii.String("helloworld")), SslPolicy: awscdk.SslPolicy_TLS12_EXT, }, }, }, &applicationLoadBalancerProps{ Name: jsii.String("lb2"), IdleTimeout: awscdk.Duration_*Seconds(jsii.Number(120)), DomainName: jsii.String("frontend.com"), DomainZone: awscdk.NewPublicHostedZone(this, jsii.String("HostedZone"), &PublicHostedZoneProps{ ZoneName: jsii.String("frontend.com"), }), Listeners: []*applicationListenerProps{ &applicationListenerProps{ Name: jsii.String("listener2"), Protocol: awscdk.ApplicationProtocol_HTTPS, Certificate: awscdk.Certificate_*FromCertificateArn(this, jsii.String("Cert2"), jsii.String("helloworld")), SslPolicy: awscdk.SslPolicy_TLS12_EXT, }, }, }, }, TargetGroups: []applicationTargetProps{ &applicationTargetProps{ ContainerPort: jsii.Number(80), Listener: jsii.String("listener"), }, &applicationTargetProps{ ContainerPort: jsii.Number(90), PathPattern: jsii.String("a/b/c"), Priority: jsii.Number(10), Listener: jsii.String("listener"), }, &applicationTargetProps{ ContainerPort: jsii.Number(443), Listener: jsii.String("listener2"), }, &applicationTargetProps{ ContainerPort: jsii.Number(80), PathPattern: jsii.String("a/b/c"), Priority: jsii.Number(10), Listener: jsii.String("listener2"), }, }, }) loadBalancedFargateService.TargetGroups[0].ConfigureHealthCheck(&HealthCheck{ Port: jsii.String("8050"), Protocol: awscdk.Protocol_HTTP, HealthyThresholdCount: jsii.Number(2), UnhealthyThresholdCount: jsii.Number(2), Timeout: awscdk.Duration_*Seconds(jsii.Number(10)), Interval: awscdk.Duration_*Seconds(jsii.Number(30)), HealthyHttpCodes: jsii.String("200"), }) loadBalancedFargateService.TargetGroups[1].ConfigureHealthCheck(&HealthCheck{ Port: jsii.String("8050"), Protocol: awscdk.Protocol_HTTP, HealthyThresholdCount: jsii.Number(2), UnhealthyThresholdCount: jsii.Number(2), Timeout: awscdk.Duration_*Seconds(jsii.Number(10)), Interval: awscdk.Duration_*Seconds(jsii.Number(30)), HealthyHttpCodes: jsii.String("200"), })
const ( // HTTP (ALB health checks and NLB health checks). Protocol_HTTP Protocol = "HTTP" // HTTPS (ALB health checks and NLB health checks). Protocol_HTTPS Protocol = "HTTPS" // TCP (NLB, NLB health checks). Protocol_TCP Protocol = "TCP" // TLS (NLB). Protocol_TLS Protocol = "TLS" // UDP (NLB). Protocol_UDP Protocol = "UDP" // Listen to both TCP and UDP on the same port (NLB). Protocol_TCP_UDP Protocol = "TCP_UDP" )
type QueryStringCondition ¶
type QueryStringCondition struct { // The query string value for the condition. Value *string `field:"required" json:"value" yaml:"value"` // The query string key for the condition. // Default: - Any key can be matched. // Key *string `field:"optional" json:"key" yaml:"key"` }
Properties for the key/value pair of the query string.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" queryStringCondition := &QueryStringCondition{ Value: jsii.String("value"), // the properties below are optional Key: jsii.String("key"), }
type RedirectOptions ¶
type RedirectOptions struct { // The hostname. // // This component is not percent-encoded. The hostname can contain #{host}. // Default: - No change. // Host *string `field:"optional" json:"host" yaml:"host"` // The absolute path, starting with the leading "/". // // This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. // Default: - No change. // Path *string `field:"optional" json:"path" yaml:"path"` // The HTTP redirect code. // // The redirect is either permanent (HTTP 301) or temporary (HTTP 302). // Default: false. // Permanent *bool `field:"optional" json:"permanent" yaml:"permanent"` // The port. // // You can specify a value from 1 to 65535 or #{port}. // Default: - No change. // Port *string `field:"optional" json:"port" yaml:"port"` // The protocol. // // You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You cannot redirect HTTPS to HTTP. // Default: - No change. // Protocol *string `field:"optional" json:"protocol" yaml:"protocol"` // The query parameters, URL-encoded when necessary, but not percent-encoded. // // Do not include the leading "?", as it is automatically added. You can specify any of the reserved keywords. // Default: - No change. // Query *string `field:"optional" json:"query" yaml:"query"` }
Options for `ListenerAction.redirect()`.
A URI consists of the following components: protocol://hostname:port/path?query. You must modify at least one of the following components to avoid a redirect loop: protocol, hostname, port, or path. Any components that you do not modify retain their original values.
You can reuse URI components using the following reserved keywords:
- `#{protocol}` - `#{host}` - `#{port}` - `#{path}` (the leading "/" is removed) - `#{query}`
For example, you can change the path to "/new/#{path}", the hostname to "example.#{host}", or the query to "#{query}&value=xyz".
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" redirectOptions := &RedirectOptions{ Host: jsii.String("host"), Path: jsii.String("path"), Permanent: jsii.Boolean(false), Port: jsii.String("port"), Protocol: jsii.String("protocol"), Query: jsii.String("query"), }
type RevocationContent ¶ added in v2.154.0
type RevocationContent struct { // The Amazon S3 bucket for the revocation file. Bucket awss3.IBucket `field:"required" json:"bucket" yaml:"bucket"` // The Amazon S3 path for the revocation file. Key *string `field:"required" json:"key" yaml:"key"` // The type of revocation file. // Default: RevocationType.CRL // RevocationType RevocationType `field:"optional" json:"revocationType" yaml:"revocationType"` // The Amazon S3 object version of the revocation file. // Default: - latest version. // Version *string `field:"optional" json:"version" yaml:"version"` }
Information about a revocation file.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" var bucket bucket revocationContent := &RevocationContent{ Bucket: bucket, Key: jsii.String("key"), // the properties below are optional RevocationType: awscdk.Aws_elasticloadbalancingv2.RevocationType_CRL, Version: jsii.String("version"), }
type RevocationType ¶ added in v2.154.0
type RevocationType string
The type of revocation file.
Example:
var trustStore trustStore var bucket bucket elbv2.NewTrustStoreRevocation(this, jsii.String("Revocation"), &TrustStoreRevocationProps{ TrustStore: TrustStore, RevocationContents: []revocationContent{ &revocationContent{ RevocationType: elbv2.RevocationType_CRL, Bucket: *Bucket, Key: jsii.String("crl.pem"), }, }, })
const ( // A signed list of revoked certificates. RevocationType_CRL RevocationType = "CRL" )
type SslPolicy ¶
type SslPolicy string
Elastic Load Balancing provides the following security policies for Application Load Balancers.
We recommend the Recommended policy for general use. You can use the ForwardSecrecy policy if you require Forward Secrecy (FS).
You can use one of the TLS policies to meet compliance and security standards that require disabling certain TLS protocol versions, or to support legacy clients that require deprecated ciphers.
Example:
import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" vpc := ec2.NewVpc(this, jsii.String("Vpc"), &VpcProps{ MaxAzs: jsii.Number(1), }) loadBalancedFargateService := ecsPatterns.NewApplicationMultipleTargetGroupsFargateService(this, jsii.String("myService"), &ApplicationMultipleTargetGroupsFargateServiceProps{ Cluster: ecs.NewCluster(this, jsii.String("EcsCluster"), &ClusterProps{ Vpc: *Vpc, }), MemoryLimitMiB: jsii.Number(256), TaskImageOptions: &ApplicationLoadBalancedTaskImageProps{ Image: ecs.ContainerImage_FromRegistry(jsii.String("amazon/amazon-ecs-sample")), }, EnableExecuteCommand: jsii.Boolean(true), LoadBalancers: []applicationLoadBalancerProps{ &applicationLoadBalancerProps{ Name: jsii.String("lb"), IdleTimeout: awscdk.Duration_Seconds(jsii.Number(400)), DomainName: jsii.String("api.example.com"), DomainZone: awscdk.NewPublicHostedZone(this, jsii.String("HostedZone"), &PublicHostedZoneProps{ ZoneName: jsii.String("example.com"), }), Listeners: []applicationListenerProps{ &applicationListenerProps{ Name: jsii.String("listener"), Protocol: awscdk.ApplicationProtocol_HTTPS, Certificate: awscdk.Certificate_FromCertificateArn(this, jsii.String("Cert"), jsii.String("helloworld")), SslPolicy: awscdk.SslPolicy_TLS12_EXT, }, }, }, &applicationLoadBalancerProps{ Name: jsii.String("lb2"), IdleTimeout: awscdk.Duration_*Seconds(jsii.Number(120)), DomainName: jsii.String("frontend.com"), DomainZone: awscdk.NewPublicHostedZone(this, jsii.String("HostedZone"), &PublicHostedZoneProps{ ZoneName: jsii.String("frontend.com"), }), Listeners: []*applicationListenerProps{ &applicationListenerProps{ Name: jsii.String("listener2"), Protocol: awscdk.ApplicationProtocol_HTTPS, Certificate: awscdk.Certificate_*FromCertificateArn(this, jsii.String("Cert2"), jsii.String("helloworld")), SslPolicy: awscdk.SslPolicy_TLS12_EXT, }, }, }, }, TargetGroups: []applicationTargetProps{ &applicationTargetProps{ ContainerPort: jsii.Number(80), Listener: jsii.String("listener"), }, &applicationTargetProps{ ContainerPort: jsii.Number(90), PathPattern: jsii.String("a/b/c"), Priority: jsii.Number(10), Listener: jsii.String("listener"), }, &applicationTargetProps{ ContainerPort: jsii.Number(443), Listener: jsii.String("listener2"), }, &applicationTargetProps{ ContainerPort: jsii.Number(80), PathPattern: jsii.String("a/b/c"), Priority: jsii.Number(10), Listener: jsii.String("listener2"), }, }, })
See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html
const ( // The recommended security policy for TLS listeners. // // This is the default policy for listeners created using the AWS Management Console. SslPolicy_RECOMMENDED_TLS SslPolicy = "RECOMMENDED_TLS" // The recommended policy for http listeners. // // This is the default security policy for listeners created using the AWS CLI. SslPolicy_RECOMMENDED SslPolicy = "RECOMMENDED" // TLS1.2 and 1.3. SslPolicy_TLS13_RES SslPolicy = "TLS13_RES" // TLS1.2 and 1.3 and no SHA ciphers. SslPolicy_TLS13_EXT1 SslPolicy = "TLS13_EXT1" // TLS1.2 and 1.3 with all ciphers. SslPolicy_TLS13_EXT2 SslPolicy = "TLS13_EXT2" // TLS1.0 through 1.3 with all ciphers. SslPolicy_TLS13_10 SslPolicy = "TLS13_10" // TLS1.1 through 1.3 with all ciphers. SslPolicy_TLS13_11 SslPolicy = "TLS13_11" // TLS1.3 only. SslPolicy_TLS13_13 SslPolicy = "TLS13_13" // TLS 1.3 only with AES 128 and 256 GCM SHA ciphers. SslPolicy_FIPS_TLS13_13 SslPolicy = "FIPS_TLS13_13" // TLS 1.2 and 1.3 with AES and ECDHE GCM/SHA ciphers. SslPolicy_FIPS_TLS13_12_RES SslPolicy = "FIPS_TLS13_12_RES" // TLS 1.2 and 1.3 with ECDHE SHA/GCM ciphers, excluding SHA1 ciphers. SslPolicy_FIPS_TLS13_12 SslPolicy = "FIPS_TLS13_12" // TLS 1.2 and 1.3 with all ECDHE ciphers. SslPolicy_FIPS_TLS13_12_EXT0 SslPolicy = "FIPS_TLS13_12_EXT0" // TLS 1.2 and 1.3 with all AES and ECDHE ciphers excluding SHA1 ciphers. SslPolicy_FIPS_TLS13_12_EXT1 SslPolicy = "FIPS_TLS13_12_EXT1" // TLS 1.2 and 1.3 with all ciphers. SslPolicy_FIPS_TLS13_12_EXT2 SslPolicy = "FIPS_TLS13_12_EXT2" // TLS1.1 through 1.3 with all ciphers. SslPolicy_FIPS_TLS13_11 SslPolicy = "FIPS_TLS13_11" // TLS1.0 through 1.3 with all ciphers. SslPolicy_FIPS_TLS13_10 SslPolicy = "FIPS_TLS13_10" // Strong foward secrecy ciphers and TLV1.2 only (2020 edition). Same as FORWARD_SECRECY_TLS12_RES, but only supports GCM versions of the TLS ciphers. SslPolicy_FORWARD_SECRECY_TLS12_RES_GCM SslPolicy = "FORWARD_SECRECY_TLS12_RES_GCM" // Strong forward secrecy ciphers and TLS1.2 only. SslPolicy_FORWARD_SECRECY_TLS12_RES SslPolicy = "FORWARD_SECRECY_TLS12_RES" // Forward secrecy ciphers and TLS1.2 only. SslPolicy_FORWARD_SECRECY_TLS12 SslPolicy = "FORWARD_SECRECY_TLS12" // Forward secrecy ciphers only with TLS1.1 and 1.2. SslPolicy_FORWARD_SECRECY_TLS11 SslPolicy = "FORWARD_SECRECY_TLS11" // Forward secrecy ciphers only. SslPolicy_FORWARD_SECRECY SslPolicy = "FORWARD_SECRECY" // TLS1.2 only and no SHA ciphers. SslPolicy_TLS12 SslPolicy = "TLS12" // TLS1.2 only with all ciphers. SslPolicy_TLS12_EXT SslPolicy = "TLS12_EXT" // TLS1.1 and 1.2 with all ciphers. SslPolicy_TLS11 SslPolicy = "TLS11" // Support for DES-CBC3-SHA. // // Do not use this security policy unless you must support a legacy client // that requires the DES-CBC3-SHA cipher, which is a weak cipher. SslPolicy_LEGACY SslPolicy = "LEGACY" )
type TargetGroupAttributes ¶
type TargetGroupAttributes struct { // ARN of the target group. TargetGroupArn *string `field:"required" json:"targetGroupArn" yaml:"targetGroupArn"` // A Token representing the list of ARNs for the load balancer routing to this target group. LoadBalancerArns *string `field:"optional" json:"loadBalancerArns" yaml:"loadBalancerArns"` }
Properties to reference an existing target group.
Example:
var stack stack targetGroup := elbv2.ApplicationTargetGroup_FromTargetGroupAttributes(this, jsii.String("MyTargetGroup"), &TargetGroupAttributes{ TargetGroupArn: awscdk.Fn_ImportValue(jsii.String("TargetGroupArn")), LoadBalancerArns: awscdk.Fn_*ImportValue(jsii.String("LoadBalancerArn")), }) targetGroupMetrics := targetGroup.Metrics
type TargetGroupBase ¶
type TargetGroupBase interface { constructs.Construct ITargetGroup // Default port configured for members of this target group. DefaultPort() *float64 // Full name of first load balancer. // // This identifier is emitted as a dimensions of the metrics of this target // group. // // Example value: `app/my-load-balancer/123456789`. FirstLoadBalancerFullName() *string // Health check for the members of this target group. HealthCheck() *HealthCheck SetHealthCheck(val *HealthCheck) // A token representing a list of ARNs of the load balancers that route traffic to this target group. LoadBalancerArns() *string // List of constructs that need to be depended on to ensure the TargetGroup is associated to a load balancer. LoadBalancerAttached() constructs.IDependable // Configurable dependable with all resources that lead to load balancer attachment. LoadBalancerAttachedDependencies() constructs.DependencyGroup // The tree node. Node() constructs.Node // The ARN of the target group. TargetGroupArn() *string // The full name of the target group. TargetGroupFullName() *string // ARNs of load balancers load balancing to this TargetGroup. TargetGroupLoadBalancerArns() *[]*string // The name of the target group. TargetGroupName() *string // The types of the directly registered members of this target group. TargetType() TargetType SetTargetType(val TargetType) // Register the given load balancing target as part of this group. AddLoadBalancerTarget(props *LoadBalancerTargetProps) // Set/replace the target group's health check. ConfigureHealthCheck(healthCheck *HealthCheck) // Set a non-standard attribute on the target group. // See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#target-group-attributes // SetAttribute(key *string, value *string) // Returns a string representation of this construct. ToString() *string ValidateHealthCheck() *[]*string ValidateTargetGroup() *[]*string }
Define the target of a load balancer.
type TargetGroupLoadBalancingAlgorithmType ¶
type TargetGroupLoadBalancingAlgorithmType string
Load balancing algorithmm type for target groups.
Example:
var vpc vpc tg := elbv2.NewApplicationTargetGroup(this, jsii.String("TargetGroup"), &ApplicationTargetGroupProps{ Vpc: Vpc, LoadBalancingAlgorithmType: elbv2.TargetGroupLoadBalancingAlgorithmType_WEIGHTED_RANDOM, EnableAnomalyMitigation: jsii.Boolean(true), })
const ( // round_robin. TargetGroupLoadBalancingAlgorithmType_ROUND_ROBIN TargetGroupLoadBalancingAlgorithmType = "ROUND_ROBIN" // least_outstanding_requests. TargetGroupLoadBalancingAlgorithmType_LEAST_OUTSTANDING_REQUESTS TargetGroupLoadBalancingAlgorithmType = "LEAST_OUTSTANDING_REQUESTS" // weighted_random. TargetGroupLoadBalancingAlgorithmType_WEIGHTED_RANDOM TargetGroupLoadBalancingAlgorithmType = "WEIGHTED_RANDOM" )
type TargetType ¶
type TargetType string
How to interpret the load balancing target identifiers.
Example:
var vpc vpc tg := elbv2.NewApplicationTargetGroup(this, jsii.String("TG"), &ApplicationTargetGroupProps{ TargetType: elbv2.TargetType_IP, Port: jsii.Number(50051), Protocol: elbv2.ApplicationProtocol_HTTP, ProtocolVersion: elbv2.ApplicationProtocolVersion_GRPC, HealthCheck: &HealthCheck{ Enabled: jsii.Boolean(true), HealthyGrpcCodes: jsii.String("0-99"), }, Vpc: Vpc, })
const ( // Targets identified by instance ID. TargetType_INSTANCE TargetType = "INSTANCE" // Targets identified by IP address. TargetType_IP TargetType = "IP" // Target is a single Lambda Function. TargetType_LAMBDA TargetType = "LAMBDA" // Target is a single Application Load Balancer. TargetType_ALB TargetType = "ALB" )
type TrustStore ¶ added in v2.154.0
type TrustStore interface { awscdk.Resource ITrustStore // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. Env() *awscdk.ResourceEnvironment // The tree node. Node() constructs.Node // The number of CA certificates in the trust store. NumberOfCaCertificates() *float64 // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. PhysicalName() *string // The stack in which this resource is defined. Stack() awscdk.Stack // The status of the trust store. Status() *string // The ARN of the trust store. TrustStoreArn() *string // The name of the trust store. TrustStoreName() *string // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). ApplyRemovalPolicy(policy awscdk.RemovalPolicy) GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. GetResourceNameAttribute(nameAttr *string) *string // Returns a string representation of this construct. ToString() *string }
A new Trust Store.
Example:
import acm "github.com/aws/aws-cdk-go/awscdk" var certificate certificate var lb applicationLoadBalancer var bucket bucket trustStore := elbv2.NewTrustStore(this, jsii.String("Store"), &TrustStoreProps{ Bucket: Bucket, Key: jsii.String("rootCA_cert.pem"), }) lb.AddListener(jsii.String("Listener"), &BaseApplicationListenerProps{ Port: jsii.Number(443), Protocol: elbv2.ApplicationProtocol_HTTPS, Certificates: []iListenerCertificate{ certificate, }, // mTLS settings MutualAuthentication: &MutualAuthentication{ IgnoreClientCertificateExpiry: jsii.Boolean(false), MutualAuthenticationMode: elbv2.MutualAuthenticationMode_VERIFY, TrustStore: *TrustStore, }, DefaultAction: elbv2.ListenerAction_FixedResponse(jsii.Number(200), &FixedResponseOptions{ ContentType: jsii.String("text/plain"), MessageBody: jsii.String("Success mTLS"), }), })
func NewTrustStore ¶ added in v2.154.0
func NewTrustStore(scope constructs.Construct, id *string, props *TrustStoreProps) TrustStore
type TrustStoreProps ¶ added in v2.154.0
type TrustStoreProps struct { // The bucket that the trust store is hosted in. Bucket awss3.IBucket `field:"required" json:"bucket" yaml:"bucket"` // The key in S3 to look at for the trust store. Key *string `field:"required" json:"key" yaml:"key"` // The name of the trust store. // Default: - Auto generated. // TrustStoreName *string `field:"optional" json:"trustStoreName" yaml:"trustStoreName"` // The version of the S3 object that contains your truststore. // // To specify a version, you must have versioning enabled for the S3 bucket. // Default: - latest version. // Version *string `field:"optional" json:"version" yaml:"version"` }
Properties used for the Trust Store.
Example:
import acm "github.com/aws/aws-cdk-go/awscdk" var certificate certificate var lb applicationLoadBalancer var bucket bucket trustStore := elbv2.NewTrustStore(this, jsii.String("Store"), &TrustStoreProps{ Bucket: Bucket, Key: jsii.String("rootCA_cert.pem"), }) lb.AddListener(jsii.String("Listener"), &BaseApplicationListenerProps{ Port: jsii.Number(443), Protocol: elbv2.ApplicationProtocol_HTTPS, Certificates: []iListenerCertificate{ certificate, }, // mTLS settings MutualAuthentication: &MutualAuthentication{ IgnoreClientCertificateExpiry: jsii.Boolean(false), MutualAuthenticationMode: elbv2.MutualAuthenticationMode_VERIFY, TrustStore: *TrustStore, }, DefaultAction: elbv2.ListenerAction_FixedResponse(jsii.Number(200), &FixedResponseOptions{ ContentType: jsii.String("text/plain"), MessageBody: jsii.String("Success mTLS"), }), })
type TrustStoreRevocation ¶ added in v2.154.0
type TrustStoreRevocation interface { awscdk.Resource // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. Env() *awscdk.ResourceEnvironment // The tree node. Node() constructs.Node // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. PhysicalName() *string // The stack in which this resource is defined. Stack() awscdk.Stack // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). ApplyRemovalPolicy(policy awscdk.RemovalPolicy) GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. GetResourceNameAttribute(nameAttr *string) *string // Returns a string representation of this construct. ToString() *string }
A new Trust Store Revocation.
Example:
var trustStore trustStore var bucket bucket elbv2.NewTrustStoreRevocation(this, jsii.String("Revocation"), &TrustStoreRevocationProps{ TrustStore: TrustStore, RevocationContents: []revocationContent{ &revocationContent{ RevocationType: elbv2.RevocationType_CRL, Bucket: *Bucket, Key: jsii.String("crl.pem"), }, }, })
func NewTrustStoreRevocation ¶ added in v2.154.0
func NewTrustStoreRevocation(scope constructs.Construct, id *string, props *TrustStoreRevocationProps) TrustStoreRevocation
type TrustStoreRevocationProps ¶ added in v2.154.0
type TrustStoreRevocationProps struct { // The revocation file to add. RevocationContents *[]*RevocationContent `field:"required" json:"revocationContents" yaml:"revocationContents"` // The trust store. TrustStore ITrustStore `field:"required" json:"trustStore" yaml:"trustStore"` }
Properties for the trust store revocation.
Example:
var trustStore trustStore var bucket bucket elbv2.NewTrustStoreRevocation(this, jsii.String("Revocation"), &TrustStoreRevocationProps{ TrustStore: TrustStore, RevocationContents: []revocationContent{ &revocationContent{ RevocationType: elbv2.RevocationType_CRL, Bucket: *Bucket, Key: jsii.String("crl.pem"), }, }, })
type UnauthenticatedAction ¶
type UnauthenticatedAction string
What to do with unauthenticated requests.
const ( // Return an HTTP 401 Unauthorized error. UnauthenticatedAction_DENY UnauthenticatedAction = "DENY" // Allow the request to be forwarded to the target. UnauthenticatedAction_ALLOW UnauthenticatedAction = "ALLOW" // Redirect the request to the IdP authorization endpoint. UnauthenticatedAction_AUTHENTICATE UnauthenticatedAction = "AUTHENTICATE" )
type WeightedTargetGroup ¶
type WeightedTargetGroup struct { // The target group. TargetGroup IApplicationTargetGroup `field:"required" json:"targetGroup" yaml:"targetGroup"` // The target group's weight. // // Range is [0..1000). // Default: 1. // Weight *float64 `field:"optional" json:"weight" yaml:"weight"` }
A Target Group and weight combination.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var applicationTargetGroup applicationTargetGroup weightedTargetGroup := &WeightedTargetGroup{ TargetGroup: applicationTargetGroup, // the properties below are optional Weight: jsii.Number(123), }
type XffHeaderProcessingMode ¶ added in v2.137.0
type XffHeaderProcessingMode string
Processing mode of the X-Forwarded-For header in the HTTP request before the Application Load Balancer sends the request to the target.
Example:
var vpc vpc lb := elbv2.NewApplicationLoadBalancer(this, jsii.String("LB"), &ApplicationLoadBalancerProps{ Vpc: Vpc, InternetFacing: jsii.Boolean(true), // Whether HTTP/2 is enabled Http2Enabled: jsii.Boolean(false), // The idle timeout value, in seconds IdleTimeout: awscdk.Duration_Seconds(jsii.Number(1000)), // Whether HTTP headers with header fields thatare not valid // are removed by the load balancer (true), or routed to targets DropInvalidHeaderFields: jsii.Boolean(true), // How the load balancer handles requests that might // pose a security risk to your application DesyncMitigationMode: elbv2.DesyncMitigationMode_DEFENSIVE, // The type of IP addresses to use. IpAddressType: elbv2.IpAddressType_IPV4, // The duration of client keep-alive connections ClientKeepAlive: awscdk.Duration_*Seconds(jsii.Number(500)), // Whether cross-zone load balancing is enabled. CrossZoneEnabled: jsii.Boolean(true), // Whether the load balancer blocks traffic through the Internet Gateway (IGW). DenyAllIgwTraffic: jsii.Boolean(false), // Whether to preserve host header in the request to the target PreserveHostHeader: jsii.Boolean(true), // Whether to add the TLS information header to the request XAmznTlsVersionAndCipherSuiteHeaders: jsii.Boolean(true), // Whether the X-Forwarded-For header should preserve the source port PreserveXffClientPort: jsii.Boolean(true), // The processing mode for X-Forwarded-For headers XffHeaderProcessingMode: elbv2.XffHeaderProcessingMode_APPEND, // Whether to allow a load balancer to route requests to targets if it is unable to forward the request to AWS WAF. WafFailOpen: jsii.Boolean(true), })
const ( // Application Load Balancer adds the client IP address (of the last hop) to the X-Forwarded-For header in the HTTP request before it sends it to targets. XffHeaderProcessingMode_APPEND XffHeaderProcessingMode = "APPEND" // Application Load Balancer preserves the X-Forwarded-For header in the HTTP request, and sends it to targets without any change. XffHeaderProcessingMode_PRESERVE XffHeaderProcessingMode = "PRESERVE" // Application Load Balancer removes the X-Forwarded-For header in the HTTP request before it sends it to targets. XffHeaderProcessingMode_REMOVE XffHeaderProcessingMode = "REMOVE" )
Source Files ¶
- AddApplicationActionProps.go
- AddApplicationTargetGroupsProps.go
- AddApplicationTargetsProps.go
- AddNetworkActionProps.go
- AddNetworkTargetsProps.go
- AddRuleProps.go
- AlpnPolicy.go
- ApplicationListener.go
- ApplicationListenerAttributes.go
- ApplicationListenerCertificate.go
- ApplicationListenerCertificateProps.go
- ApplicationListenerCertificate__checks.go
- ApplicationListenerLookupOptions.go
- ApplicationListenerProps.go
- ApplicationListenerRule.go
- ApplicationListenerRuleProps.go
- ApplicationListenerRule__checks.go
- ApplicationListener__checks.go
- ApplicationLoadBalancer.go
- ApplicationLoadBalancerAttributes.go
- ApplicationLoadBalancerLookupOptions.go
- ApplicationLoadBalancerProps.go
- ApplicationLoadBalancerRedirectConfig.go
- ApplicationLoadBalancer__checks.go
- ApplicationProtocol.go
- ApplicationProtocolVersion.go
- ApplicationTargetGroup.go
- ApplicationTargetGroupProps.go
- ApplicationTargetGroup__checks.go
- AuthenticateOidcOptions.go
- BaseApplicationListenerProps.go
- BaseApplicationListenerRuleProps.go
- BaseListener.go
- BaseListenerLookupOptions.go
- BaseListener__checks.go
- BaseLoadBalancer.go
- BaseLoadBalancerLookupOptions.go
- BaseLoadBalancerProps.go
- BaseLoadBalancer__checks.go
- BaseNetworkListenerProps.go
- BaseTargetGroupProps.go
- CfnListener.go
- CfnListenerCertificate.go
- CfnListenerCertificateProps.go
- CfnListenerCertificate_CertificateProperty.go
- CfnListenerCertificate__checks.go
- CfnListenerProps.go
- CfnListenerRule.go
- CfnListenerRuleProps.go
- CfnListenerRule_ActionProperty.go
- CfnListenerRule_AuthenticateCognitoConfigProperty.go
- CfnListenerRule_AuthenticateOidcConfigProperty.go
- CfnListenerRule_FixedResponseConfigProperty.go
- CfnListenerRule_ForwardConfigProperty.go
- CfnListenerRule_HostHeaderConfigProperty.go
- CfnListenerRule_HttpHeaderConfigProperty.go
- CfnListenerRule_HttpRequestMethodConfigProperty.go
- CfnListenerRule_PathPatternConfigProperty.go
- CfnListenerRule_QueryStringConfigProperty.go
- CfnListenerRule_QueryStringKeyValueProperty.go
- CfnListenerRule_RedirectConfigProperty.go
- CfnListenerRule_RuleConditionProperty.go
- CfnListenerRule_SourceIpConfigProperty.go
- CfnListenerRule_TargetGroupStickinessConfigProperty.go
- CfnListenerRule_TargetGroupTupleProperty.go
- CfnListenerRule__checks.go
- CfnListener_ActionProperty.go
- CfnListener_AuthenticateCognitoConfigProperty.go
- CfnListener_AuthenticateOidcConfigProperty.go
- CfnListener_CertificateProperty.go
- CfnListener_FixedResponseConfigProperty.go
- CfnListener_ForwardConfigProperty.go
- CfnListener_MutualAuthenticationProperty.go
- CfnListener_RedirectConfigProperty.go
- CfnListener_TargetGroupStickinessConfigProperty.go
- CfnListener_TargetGroupTupleProperty.go
- CfnListener__checks.go
- CfnLoadBalancer.go
- CfnLoadBalancerProps.go
- CfnLoadBalancer_LoadBalancerAttributeProperty.go
- CfnLoadBalancer_SubnetMappingProperty.go
- CfnLoadBalancer__checks.go
- CfnTargetGroup.go
- CfnTargetGroupProps.go
- CfnTargetGroup_MatcherProperty.go
- CfnTargetGroup_TargetDescriptionProperty.go
- CfnTargetGroup_TargetGroupAttributeProperty.go
- CfnTargetGroup__checks.go
- CfnTrustStore.go
- CfnTrustStoreProps.go
- CfnTrustStoreRevocation.go
- CfnTrustStoreRevocationProps.go
- CfnTrustStoreRevocation_RevocationContentProperty.go
- CfnTrustStoreRevocation_TrustStoreRevocationProperty.go
- CfnTrustStoreRevocation__checks.go
- CfnTrustStore__checks.go
- ClientRoutingPolicy.go
- DesyncMitigationMode.go
- FixedResponseOptions.go
- ForwardOptions.go
- HealthCheck.go
- HttpCodeElb.go
- HttpCodeTarget.go
- IApplicationListener.go
- IApplicationListener__checks.go
- IApplicationLoadBalancer.go
- IApplicationLoadBalancerMetrics.go
- IApplicationLoadBalancerMetrics__checks.go
- IApplicationLoadBalancerTarget.go
- IApplicationLoadBalancerTarget__checks.go
- IApplicationLoadBalancer__checks.go
- IApplicationTargetGroup.go
- IApplicationTargetGroupMetrics.go
- IApplicationTargetGroupMetrics__checks.go
- IApplicationTargetGroup__checks.go
- IListener.go
- IListenerAction.go
- IListenerCertificate.go
- ILoadBalancerV2.go
- INetworkListener.go
- INetworkLoadBalancer.go
- INetworkLoadBalancerMetrics.go
- INetworkLoadBalancerMetrics__checks.go
- INetworkLoadBalancerTarget.go
- INetworkLoadBalancerTarget__checks.go
- INetworkLoadBalancer__checks.go
- INetworkTargetGroup.go
- INetworkTargetGroupMetrics.go
- INetworkTargetGroupMetrics__checks.go
- INetworkTargetGroup__checks.go
- ITargetGroup.go
- ITrustStore.go
- IpAddressType.go
- ListenerAction.go
- ListenerAction__checks.go
- ListenerCertificate.go
- ListenerCertificate__checks.go
- ListenerCondition.go
- ListenerCondition__checks.go
- LoadBalancerTargetProps.go
- MutualAuthentication.go
- MutualAuthenticationMode.go
- NetworkForwardOptions.go
- NetworkListener.go
- NetworkListenerAction.go
- NetworkListenerAction__checks.go
- NetworkListenerLookupOptions.go
- NetworkListenerProps.go
- NetworkListener__checks.go
- NetworkLoadBalancer.go
- NetworkLoadBalancerAttributes.go
- NetworkLoadBalancerLookupOptions.go
- NetworkLoadBalancerProps.go
- NetworkLoadBalancer__checks.go
- NetworkTargetGroup.go
- NetworkTargetGroupProps.go
- NetworkTargetGroup__checks.go
- NetworkWeightedTargetGroup.go
- Protocol.go
- QueryStringCondition.go
- RedirectOptions.go
- RevocationContent.go
- RevocationType.go
- SslPolicy.go
- TargetGroupAttributes.go
- TargetGroupBase.go
- TargetGroupBase__checks.go
- TargetGroupLoadBalancingAlgorithmType.go
- TargetType.go
- TrustStore.go
- TrustStoreProps.go
- TrustStoreRevocation.go
- TrustStoreRevocationProps.go
- TrustStoreRevocation__checks.go
- TrustStore__checks.go
- UnauthenticatedAction.go
- WeightedTargetGroup.go
- XffHeaderProcessingMode.go
- main.go