Resource: awsLoadBalancerPolicy
Provides a load balancer policy, which can be attached to an ELB listener or backend server.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsElbWuTang = new aws.elb.Elb(this, "wu-tang", {
availabilityZones: ["us-east-1a"],
listener: [
{
instancePort: 443,
instanceProtocol: "http",
lbPort: 443,
lbProtocol: "https",
sslCertificateId:
"arn:aws:iam::000000000000:server-certificate/wu-tang.net",
},
],
name: "wu-tang",
tags: {
Name: "wu-tang",
},
});
new aws.loadBalancerPolicy.LoadBalancerPolicy(
this,
"wu-tang-ca-pubkey-policy",
{
loadBalancerName: awsElbWuTang.name,
policyAttribute: [
{
name: "PublicKey",
value: '${file("wu-tang-pubkey")}',
},
],
policyName: "wu-tang-ca-pubkey-policy",
policyTypeName: "PublicKeyPolicyType",
}
);
const awsLoadBalancerPolicyWuTangRootCaBackendAuthPolicy =
new aws.loadBalancerPolicy.LoadBalancerPolicy(
this,
"wu-tang-root-ca-backend-auth-policy",
{
loadBalancerName: awsElbWuTang.name,
policyAttribute: [
{
name: "PublicKeyPolicyName",
value:
"${aws_load_balancer_policy.wu-tang-root-ca-pubkey-policy.policy_name}",
},
],
policyName: "wu-tang-root-ca-backend-auth-policy",
policyTypeName: "BackendServerAuthenticationPolicyType",
}
);
const awsLoadBalancerPolicyWuTangSsl =
new aws.loadBalancerPolicy.LoadBalancerPolicy(this, "wu-tang-ssl", {
loadBalancerName: awsElbWuTang.name,
policyAttribute: [
{
name: "ECDHE-ECDSA-AES128-GCM-SHA256",
value: "true",
},
{
name: "Protocol-TLSv1.2",
value: "true",
},
],
policyName: "wu-tang-ssl",
policyTypeName: "SSLNegotiationPolicyType",
});
new aws.loadBalancerPolicy.LoadBalancerPolicy(this, "wu-tang-ssl-tls-1-1", {
loadBalancerName: awsElbWuTang.name,
policyAttribute: [
{
name: "Reference-Security-Policy",
value: "ELBSecurityPolicy-TLS-1-1-2017-01",
},
],
policyName: "wu-tang-ssl",
policyTypeName: "SSLNegotiationPolicyType",
});
new aws.loadBalancerBackendServerPolicy.LoadBalancerBackendServerPolicy(
this,
"wu-tang-backend-auth-policies-443",
{
instancePort: 443,
loadBalancerName: awsElbWuTang.name,
policyNames: [
awsLoadBalancerPolicyWuTangRootCaBackendAuthPolicy.policyName,
],
}
);
new aws.loadBalancerListenerPolicy.LoadBalancerListenerPolicy(
this,
"wu-tang-listener-policies-443",
{
loadBalancerName: awsElbWuTang.name,
loadBalancerPort: 443,
policyNames: [awsLoadBalancerPolicyWuTangSsl.policyName],
}
);
Argument Reference
The following arguments are supported:
loadBalancerName
- (Required) The load balancer on which the policy is defined.policyName
- (Required) The name of the load balancer policy.policyTypeName
- (Required) The policy type.policyAttribute
- (Optional) Policy attribute to apply to the policy.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
id
- The ID of the policy.policyName
- The name of the stickiness policy.policyTypeName
- The policy type of the policy.loadBalancerName
- The load balancer on which the policy is defined.