Specifies a listener for an Application Load Balancer, Network Load Balancer, or Gateway Load Balancer.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{
"Type" : "AWS::ElasticLoadBalancingV2::Listener",
"Properties" : {
"AlpnPolicy" : [ String, ... ]
,
"Certificates" : [ Certificate, ... ]
,
"DefaultActions" : [ Action, ... ]
,
"ListenerAttributes" : [ ListenerAttribute, ... ]
,
"LoadBalancerArn" : String
,
"MutualAuthentication" : MutualAuthentication
,
"Port" : Integer
,
"Protocol" : String
,
"SslPolicy" : String
}
}
YAML
Type: AWS::ElasticLoadBalancingV2::Listener
Properties:
AlpnPolicy:
- String
Certificates:
- Certificate
DefaultActions:
- Action
ListenerAttributes:
- ListenerAttribute
LoadBalancerArn: String
MutualAuthentication:
MutualAuthentication
Port: Integer
Protocol: String
SslPolicy: String
Properties
AlpnPolicy
-
[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy.
Required: No
Type: Array of String
Update requires: No interruption
Certificates
-
The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.
To create a certificate list for a secure listener, use AWS::ElasticLoadBalancingV2::ListenerCertificate.
Required: Conditional
Type: Array of Certificate
Update requires: No interruption
DefaultActions
-
The actions for the default rule. You cannot define a condition for a default rule.
To create additional rules for an Application Load Balancer, use AWS::ElasticLoadBalancingV2::ListenerRule.
Required: Yes
Type: Array of Action
Update requires: No interruption
ListenerAttributes
-
The listener attributes.
Required: No
Type: Array of ListenerAttribute
Update requires: No interruption
LoadBalancerArn
-
The Amazon Resource Name (ARN) of the load balancer.
Required: Yes
Type: String
Update requires: Replacement
MutualAuthentication
-
The mutual authentication configuration information.
Required: No
Type: MutualAuthentication
Update requires: No interruption
Port
-
The port on which the load balancer is listening. You can't specify a port for a Gateway Load Balancer.
Required: No
Type: Integer
Minimum:
1
Maximum:
65535
Update requires: No interruption
Protocol
-
The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can’t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You can't specify a protocol for a Gateway Load Balancer.
Required: No
Type: String
Allowed values:
HTTP | HTTPS | TCP | TLS | UDP | TCP_UDP | GENEVE
Update requires: No interruption
SslPolicy
-
[HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported.
Updating the security policy can result in interruptions if the load balancer is handling a high volume of traffic.
For more information, see Security policies in the Application Load Balancers Guide and Security policies in the Network Load Balancers Guide.
Required: No
Type: String
Update requires: Some interruptions
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref
function, Ref
returns the Amazon Resource Name (ARN) of the listener.
For more information about using the Ref
function, see Ref
.
Fn::GetAtt
The Fn::GetAtt
intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt
intrinsic function, see Fn::GetAtt
.
ListenerArn
-
The Amazon Resource Name (ARN) of the listener.
Examples
The following example creates a listener with a default action that redirects HTTP requests on port 80 to HTTPS requests on port 443, retaining the original host name, path, and query string.
YAML
HTTPlistener:
Type: "AWS::ElasticLoadBalancingV2::Listener"
Properties:
DefaultActions:
- Type: "redirect"
RedirectConfig:
Protocol: "HTTPS"
Port: 443
Host: "#{host}"
Path: "/#{path}"
Query: "#{query}"
StatusCode: "HTTP_301"
LoadBalancerArn: !Ref myLoadBalancer
Port: 80
Protocol: "HTTP"
JSON
"HTTPlistener": {
"Type": "AWS::ElasticLoadBalancingV2::Listener",
"Properties": {
"DefaultActions": [
{
"Type": "redirect",
"RedirectConfig": {
"Protocol": "HTTPS",
"Port": 443,
"Host": "#{host}",
"Path": "/#{path}",
"Query": "#{query}",
"StatusCode": "HTTP_301"
}
}
],
"LoadBalancerArn": {
"Ref": "myLoadBalancer"
},
"Port": 80,
"Protocol": "HTTP"
}
}
See also
-
CreateListener in the Elastic Load Balancing API Reference (version 2015-12-01)
-
Listeners in the User Guide for Application Load Balancers
-
Listeners in the User Guide for Network Load Balancers
-
Listeners in the User Guide for Gateway Load Balancers