There are more AWS SDK examples available in the AWS Doc SDK Examples
Getting started with Elastic Load Balancing
The following code example shows how to:
Create an Application Load Balancer
Create a target group
Create a listener
Verify your configuration
Add an HTTPS listener (optional)
Add path-based routing (optional)
Clean up resources
- Bash
-
- AWS CLI with Bash script
-
Note
There's more on GitHub. Find the complete example and learn how to set up and run in the Sample developer tutorials
repository. #!/bin/bash # Elastic Load Balancing Getting Started Script - v2 # This script creates an Application Load Balancer with HTTP listener and target group set -euo pipefail # Set up logging LOG_FILE="elb-script-v2.log" exec > >(tee -a "$LOG_FILE") 2>&1 echo "Starting Elastic Load Balancing setup script at $(date)" echo "All commands and outputs will be logged to $LOG_FILE" # Function to handle errors handle_error() { echo "ERROR: $1" >&2 echo "Attempting to clean up resources..." cleanup_resources exit 1 } # Function to check AWS CLI command success check_command() { local output="$1" if [[ -z "$output" ]] || [[ "$output" == "None" ]]; then handle_error "AWS CLI command returned empty or invalid output" fi } # Function to validate ARN format validate_arn() { local arn="$1" if [[ ! "$arn" =~ ^arn:aws:[a-z0-9-]+:[a-z0-9-]*:[0-9]{12}:.+$ ]]; then handle_error "Invalid ARN format: $arn" fi } # Function to validate security group ID validate_security_group_id() { local sg_id="$1" if [[ ! "$sg_id" =~ ^sg-[a-f0-9]{8,17}$ ]]; then handle_error "Invalid security group ID format: $sg_id" fi } # Function to validate VPC ID validate_vpc_id() { local vpc_id="$1" if [[ ! "$vpc_id" =~ ^vpc-[a-f0-9]{8,17}$ ]]; then handle_error "Invalid VPC ID format: $vpc_id" fi } # Function to clean up resources cleanup_resources() { echo "Cleaning up resources in reverse order..." if [ -n "${LISTENER_ARN:-}" ]; then echo "Deleting listener: $LISTENER_ARN" aws elbv2 delete-listener --listener-arn "$LISTENER_ARN" 2>/dev/null || true fi if [ -n "${LOAD_BALANCER_ARN:-}" ]; then echo "Deleting load balancer: $LOAD_BALANCER_ARN" aws elbv2 delete-load-balancer --load-balancer-arn "$LOAD_BALANCER_ARN" 2>/dev/null || true # Wait for load balancer to be deleted before deleting target group echo "Waiting for load balancer to be deleted..." aws elbv2 wait load-balancers-deleted --load-balancer-arns "$LOAD_BALANCER_ARN" 2>/dev/null || true fi if [ -n "${TARGET_GROUP_ARN:-}" ]; then echo "Deleting target group: $TARGET_GROUP_ARN" aws elbv2 delete-target-group --target-group-arn "$TARGET_GROUP_ARN" 2>/dev/null || true fi if [ -n "${SECURITY_GROUP_ID:-}" ]; then echo "Waiting 30 seconds before deleting security group to ensure all dependencies are removed..." sleep 30 echo "Deleting security group: $SECURITY_GROUP_ID" local sg_delete_output sg_delete_output=$(aws ec2 delete-security-group --group-id "$SECURITY_GROUP_ID" 2>&1 || true) local retry_count=0 local max_retries=5 while echo "$sg_delete_output" | grep -i "DependencyViolation" > /dev/null && [ $retry_count -lt $max_retries ]; do retry_count=$((retry_count+1)) echo "Security group still has dependencies. Retrying in 30 seconds... (Attempt $retry_count of $max_retries)" sleep 30 sg_delete_output=$(aws ec2 delete-security-group --group-id "$SECURITY_GROUP_ID" 2>&1 || true) done if echo "$sg_delete_output" | grep -i "error" > /dev/null; then echo "WARNING: Could not delete security group: $SECURITY_GROUP_ID" >&2 echo "You may need to delete it manually using: aws ec2 delete-security-group --group-id $SECURITY_GROUP_ID" else echo "Security group deleted successfully." fi fi } # Generate a random identifier for resource names RANDOM_ID=$(openssl rand -hex 4) RESOURCE_PREFIX="elb-demo-${RANDOM_ID}" # Verify AWS CLI is available if ! command -v aws &> /dev/null; then handle_error "AWS CLI is not installed or not in PATH" fi # Step 1: Verify AWS CLI support for Elastic Load Balancing echo "Verifying AWS CLI support for Elastic Load Balancing..." if ! aws elbv2 help > /dev/null 2>&1; then handle_error "AWS CLI does not support elbv2 commands. Please update your AWS CLI." fi # Step 2: Get VPC ID and subnet information echo "Retrieving VPC information..." VPC_INFO=$(aws ec2 describe-vpcs --filters "Name=isDefault,Values=true" --query "Vpcs[0].VpcId" --output text 2>/dev/null || echo "") check_command "$VPC_INFO" VPC_ID="$VPC_INFO" validate_vpc_id "$VPC_ID" echo "Using VPC: $VPC_ID" # Get two subnets from different Availability Zones echo "Retrieving subnet information..." SUBNET_INFO=$(aws ec2 describe-subnets --filters "Name=vpc-id,Values=$VPC_ID" --query "Subnets[0:2].SubnetId" --output text 2>/dev/null || echo "") check_command "$SUBNET_INFO" # Convert space-separated list to array read -r -a SUBNETS <<< "$SUBNET_INFO" if [ ${#SUBNETS[@]} -lt 2 ]; then handle_error "Need at least 2 subnets in different Availability Zones. Found: ${#SUBNETS[@]}" fi echo "Using subnets: ${SUBNETS[0]} and ${SUBNETS[1]}" # Step 3: Create a security group for the load balancer echo "Creating security group for the load balancer..." SG_INFO=$(aws ec2 create-security-group \ --group-name "${RESOURCE_PREFIX}-sg" \ --description "Security group for ELB demo" \ --vpc-id "$VPC_ID" \ --query "GroupId" --output text 2>/dev/null || echo "") check_command "$SG_INFO" SECURITY_GROUP_ID="$SG_INFO" validate_security_group_id "$SECURITY_GROUP_ID" echo "Created security group: $SECURITY_GROUP_ID" # Add inbound rule to allow HTTP traffic echo "Adding inbound rule to allow HTTP traffic..." aws ec2 authorize-security-group-ingress \ --group-id "$SECURITY_GROUP_ID" \ --protocol tcp \ --port 80 \ --cidr "0.0.0.0/0" > /dev/null 2>&1 || handle_error "Failed to authorize security group ingress" echo "WARNING: Security group allows HTTP from 0.0.0.0/0. In production, restrict to specific IP addresses." >&2 # Step 4: Create the load balancer echo "Creating Application Load Balancer..." LB_INFO=$(aws elbv2 create-load-balancer \ --name "${RESOURCE_PREFIX}-lb" \ --subnets "${SUBNETS[0]}" "${SUBNETS[1]}" \ --security-groups "$SECURITY_GROUP_ID" \ --query "LoadBalancers[0].LoadBalancerArn" --output text 2>/dev/null || echo "") check_command "$LB_INFO" LOAD_BALANCER_ARN="$LB_INFO" validate_arn "$LOAD_BALANCER_ARN" echo "Created load balancer: $LOAD_BALANCER_ARN" # Wait for the load balancer to be active echo "Waiting for load balancer to become active..." if ! aws elbv2 wait load-balancer-available --load-balancer-arns "$LOAD_BALANCER_ARN" 2>/dev/null; then handle_error "Load balancer did not reach active state within timeout period" fi # Step 5: Create a target group echo "Creating target group..." TG_INFO=$(aws elbv2 create-target-group \ --name "${RESOURCE_PREFIX}-targets" \ --protocol HTTP \ --port 80 \ --vpc-id "$VPC_ID" \ --target-type instance \ --query "TargetGroups[0].TargetGroupArn" --output text 2>/dev/null || echo "") check_command "$TG_INFO" TARGET_GROUP_ARN="$TG_INFO" validate_arn "$TARGET_GROUP_ARN" echo "Created target group: $TARGET_GROUP_ARN" # Step 6: Find EC2 instances to register as targets echo "Looking for available EC2 instances to register as targets..." INSTANCES=$(aws ec2 describe-instances \ --filters "Name=vpc-id,Values=$VPC_ID" "Name=instance-state-name,Values=running" \ --query "Reservations[*].Instances[*].InstanceId" --output text 2>/dev/null || echo "") # Convert space-separated list to array read -r -a INSTANCE_IDS <<< "$INSTANCES" if [ ${#INSTANCE_IDS[@]} -eq 0 ]; then echo "No running instances found in VPC $VPC_ID." echo "You will need to register targets manually after launching instances." else # Step 7: Register targets with the target group (up to 2 instances) echo "Registering targets with the target group..." target_args=() for i in "${!INSTANCE_IDS[@]}"; do if [ "$i" -lt 2 ]; then target_args+=("Id=${INSTANCE_IDS[$i]}") fi done if [ ${#target_args[@]} -gt 0 ]; then if aws elbv2 register-targets \ --target-group-arn "$TARGET_GROUP_ARN" \ --targets "${target_args[@]}" 2>/dev/null; then echo "Registered instances: ${target_args[*]}" else handle_error "Failed to register targets" fi fi fi # Step 8: Create a listener echo "Creating HTTP listener..." LISTENER_INFO=$(aws elbv2 create-listener \ --load-balancer-arn "$LOAD_BALANCER_ARN" \ --protocol HTTP \ --port 80 \ --default-actions Type=forward,TargetGroupArn="$TARGET_GROUP_ARN" \ --query "Listeners[0].ListenerArn" --output text 2>/dev/null || echo "") check_command "$LISTENER_INFO" LISTENER_ARN="$LISTENER_INFO" validate_arn "$LISTENER_ARN" echo "Created listener: $LISTENER_ARN" # Step 9: Verify target health echo "Verifying target health..." aws elbv2 describe-target-health --target-group-arn "$TARGET_GROUP_ARN" 2>/dev/null || true # Display load balancer DNS name LB_DNS=$(aws elbv2 describe-load-balancers \ --load-balancer-arns "$LOAD_BALANCER_ARN" \ --query "LoadBalancers[0].DNSName" --output text 2>/dev/null || echo "") check_command "$LB_DNS" echo "" echo "==============================================" echo "SETUP COMPLETE" echo "==============================================" echo "Load Balancer DNS Name: $LB_DNS" echo "" echo "Resources created:" echo "- Load Balancer: $LOAD_BALANCER_ARN" echo "- Target Group: $TARGET_GROUP_ARN" echo "- Listener: $LISTENER_ARN" echo "- Security Group: $SECURITY_GROUP_ID" echo "" # Prompt for cleanup confirmation echo "==============================================" echo "CLEANUP CONFIRMATION" echo "==============================================" read -p "Do you want to clean up all created resources? (y/n): " -r CLEANUP_CHOICE if [[ "$CLEANUP_CHOICE" =~ ^[Yy]$ ]]; then echo "Starting cleanup process..." cleanup_resources echo "Cleanup completed." else echo "Resources have been preserved." echo "To clean up later, run the following commands:" echo "aws elbv2 delete-listener --listener-arn $LISTENER_ARN" echo "aws elbv2 delete-load-balancer --load-balancer-arn $LOAD_BALANCER_ARN" echo "aws elbv2 wait load-balancers-deleted --load-balancer-arns $LOAD_BALANCER_ARN" echo "aws elbv2 delete-target-group --target-group-arn $TARGET_GROUP_ARN" echo "aws ec2 delete-security-group --group-id $SECURITY_GROUP_ID" fi echo "Script completed at $(date)"-
For API details, see the following topics in AWS CLI Command Reference.
-
Build and manage a resilient service
ElastiCache