Resource: awsLbTargetGroup
Provides a Target Group resource for use with Load Balancer resources.
\~> Note: awsAlbTargetGroup
is known as awsLbTargetGroup
. The functionality is identical.
Example Usage
Instance Target Group
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsVpcMain = new aws.vpc.Vpc(this, "main", {
cidrBlock: "10.0.0.0/16",
});
new aws.lbTargetGroup.LbTargetGroup(this, "test", {
name: "tf-example-lb-tg",
port: 80,
protocol: "HTTP",
vpcId: awsVpcMain.id,
});
IP Target Group
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsVpcMain = new aws.vpc.Vpc(this, "main", {
cidrBlock: "10.0.0.0/16",
});
new aws.lbTargetGroup.LbTargetGroup(this, "ip-example", {
name: "tf-example-lb-tg",
port: 80,
protocol: "HTTP",
targetType: "ip",
vpcId: awsVpcMain.id,
});
Lambda Target Group
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.lbTargetGroup.LbTargetGroup(this, "lambda-example", {
name: "tf-example-lb-tg",
targetType: "lambda",
});
ALB Target Group
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.lbTargetGroup.LbTargetGroup(this, "alb-example", {
name: "tf-example-lb-alb-tg",
port: 80,
protocol: "TCP",
targetType: "alb",
vpcId: "${aws_vpc.main.id}",
});
Argument Reference
The following arguments are supported:
connectionTermination
- (Optional) Whether to terminate connections at the end of the deregistration timeout on Network Load Balancers. See doc for more information. Default isfalse
.deregistrationDelay
- (Optional) Amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.healthCheck
- (Optional, Maximum of 1) Health Check configuration block. Detailed below.lambdaMultiValueHeadersEnabled
- (Optional) Whether the request and response headers exchanged between the load balancer and the Lambda function include arrays of values or strings. Only applies whentargetType
islambda
. Default isfalse
.loadBalancingAlgorithmType
- (Optional) Determines how the load balancer selects targets when routing requests. Only applicable for Application Load Balancer Target Groups. The value isroundRobin
orleastOutstandingRequests
. The default isroundRobin
.loadBalancingCrossZoneEnabled
- (Optional) Indicates whether cross zone load balancing is enabled. The value is"true"
,"false"
or"useLoadBalancerConfiguration"
. The default is"useLoadBalancerConfiguration"
.namePrefix
- (Optional, Forces new resource) Creates a unique name beginning with the specified prefix. Conflicts withname
. Cannot be longer than 6 characters.name
- (Optional, Forces new resource) Name of the target group. If omitted, Terraform will assign a random, unique name. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.port
- (May be required, Forces new resource) Port on which targets receive traffic, unless overridden when registering a specific target. Required whentargetType
isinstance
,ip
oralb
. Does not apply whentargetType
islambda
.preserveClientIp
- (Optional) Whether client IP preservation is enabled. See doc for more information.protocolVersion
- (Optional, Forces new resource) Only applicable whenprotocol
ishttp
orhttps
. The protocol version. Specifygrpc
to send requests to targets using gRPC. Specifyhttp2
to send requests to targets using HTTP/2. The default ishttp1
, which sends requests to targets using HTTP/1.1protocol
- (May be required, Forces new resource) Protocol to use for routing traffic to the targets. Should be one ofgeneve
,http
,https
,tcp
,TCP_UDP
,tls
, orudp
. Required whentargetType
isinstance
,ip
oralb
. Does not apply whentargetType
islambda
.proxyProtocolV2
- (Optional) Whether to enable support for proxy protocol v2 on Network Load Balancers. See doc for more information. Default isfalse
.slowStart
- (Optional) Amount time for targets to warm up before the load balancer sends them a full share of requests. The range is 30-900 seconds or 0 to disable. The default value is 0 seconds.stickiness
- (Optional, Maximum of 1) Stickiness configuration block. Detailed below.tags
- (Optional) Map of tags to assign to the resource. If configured with a providerdefaultTags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.targetFailover
- (Optional) Target failover block. Only applicable for Gateway Load Balancer target groups. See target_failover for more information.-
targetType
- (May be required, Forces new resource) Type of target that you must specify when registering targets with this target group. See doc for supported values. The default isinstance
.Note that you can't specify targets for a target group using both instance IDs and IP addresses.
If the target type is
ip
, specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.Network Load Balancers do not support the
lambda
target type.Application Load Balancers do not support the
alb
target type. *ipAddressType
(Optional, forces new resource) The type of IP addresses used by the target group, only supported when target type is set toip
. Possible values areipv4
oripv6
. *vpcId
- (Optional, Forces new resource) Identifier of the VPC in which to create the target group. Required whentargetType
isinstance
,ip
oralb
. Does not apply whentargetType
islambda
.
healthCheck
\~> Note: The Health Check parameters you can set vary by the protocol
of the Target Group. Many parameters cannot be set to custom values for network
load balancers at this time. See http://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html for a complete reference. Keep in mind, that health checks produce actual requests to the backend. The underlying function is invoked when targetType
is set to lambda
.
enabled
- (Optional) Whether health checks are enabled. Defaults totrue
.healthyThreshold
- (Optional) Number of consecutive health check successes required before considering a target healthy. The range is 2-10. Defaults to 3.interval
- (Optional) Approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. Forlambda
target groups, it needs to be greater than the timeout of the underlyinglambda
. Defaults to 30.matcher
(May be required) Response codes to use when checking for a healthy responses from a target. You can specify multiple values (for example, "200,202" for HTTP(s) or "0,12" for GRPC) or a range of values (for example, "200-299" or "0-99"). Required for HTTP/HTTPS/GRPC ALB. Only applies to Application Load Balancers (i.e., HTTP/HTTPS/GRPC) not Network Load Balancers (i.e., TCP).path
- (May be required) Destination for the health check request. Required for HTTP/HTTPS ALB and HTTP NLB. Only applies to HTTP/HTTPS.port
- (Optional) The port the load balancer uses when performing health checks on targets. Default is traffic-port.protocol
- (Optional) Protocol the load balancer uses when performing health checks on targets. Must be eithertcp
,http
, orhttps
. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. Defaults to HTTP.timeout
- (optional) Amount of time, in seconds, during which no response from a target means a failed health check. The range is 2–120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is lambda, the default is 30 seconds.unhealthyThreshold
- (Optional) Number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. Defaults to 3.
stickiness
\~> NOTE: Currently, an NLB (i.e., protocol of http
or https
) can have an invalid stickiness
block with type
set to lbCookie
as long as enabled
is set to false
. However, please update your configurations to avoid errors in a future version of the provider: either remove the invalid stickiness
block or set the type
to sourceIp
.
cookieDuration
- (Optional) Only used when the type islbCookie
. The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).cookieName
- (Optional) Name of the application based cookie. AWSALB, AWSALBAPP, and AWSALBTG prefixes are reserved and cannot be used. Only needed when type isappCookie
.enabled
- (Optional) Boolean to enable / disablestickiness
. Default istrue
.type
- (Required) The type of sticky sessions. The only current possible values arelbCookie
,appCookie
for ALBs,sourceIp
for NLBs, andsourceIpDestIp
,sourceIpDestIpProto
for GWLBs.
targetFailover
\~> NOTE: This block is only applicable for a Gateway Load Balancer (GWLB). The two attributes onDeregistration
and onUnhealthy
cannot be set independently. The value you set for both attributes must be the same.
onDeregistration
- (Optional) Indicates how the GWLB handles existing flows when a target is deregistered. Possible values arerebalance
andnoRebalance
. Must match the attribute value set foronUnhealthy
. Default:noRebalance
.onUnhealthy
- Indicates how the GWLB handles existing flows when a target is unhealthy. Possible values arerebalance
andnoRebalance
. Must match the attribute value set foronDeregistration
. Default:noRebalance
.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
arnSuffix
- ARN suffix for use with CloudWatch Metrics.arn
- ARN of the Target Group (matchesid
).id
- ARN of the Target Group (matchesarn
).name
- Name of the Target Group.tagsAll
- A map of tags assigned to the resource, including those inherited from the providerdefaultTags
configuration block.
Import
Target Groups can be imported using their ARN, e.g.,