CfnLoadBalancerPropsMixin

class aws_cdk.mixins_preview.aws_elasticloadbalancingv2.mixins.CfnLoadBalancerPropsMixin(props, *, strategy=None)

Bases: Mixin

Specifies an Application Load Balancer, a Network Load Balancer, or a Gateway Load Balancer.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html

CloudformationResource:

AWS::ElasticLoadBalancingV2::LoadBalancer

Mixin:

true

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview import mixins
from aws_cdk.mixins_preview.aws_elasticloadbalancingv2 import mixins as elasticloadbalancingv2_mixins

cfn_load_balancer_props_mixin = elasticloadbalancingv2_mixins.CfnLoadBalancerPropsMixin(elasticloadbalancingv2_mixins.CfnLoadBalancerMixinProps(
    enable_capacity_reservation_provision_stabilize=False,
    enable_prefix_for_ipv6_source_nat="enablePrefixForIpv6SourceNat",
    enforce_security_group_inbound_rules_on_private_link_traffic="enforceSecurityGroupInboundRulesOnPrivateLinkTraffic",
    ip_address_type="ipAddressType",
    ipv4_ipam_pool_id="ipv4IpamPoolId",
    load_balancer_attributes=[elasticloadbalancingv2_mixins.CfnLoadBalancerPropsMixin.LoadBalancerAttributeProperty(
        key="key",
        value="value"
    )],
    minimum_load_balancer_capacity=elasticloadbalancingv2_mixins.CfnLoadBalancerPropsMixin.MinimumLoadBalancerCapacityProperty(
        capacity_units=123
    ),
    name="name",
    scheme="scheme",
    security_groups=["securityGroups"],
    subnet_mappings=[elasticloadbalancingv2_mixins.CfnLoadBalancerPropsMixin.SubnetMappingProperty(
        allocation_id="allocationId",
        i_pv6_address="iPv6Address",
        private_iPv4_address="privateIPv4Address",
        source_nat_ipv6_prefix="sourceNatIpv6Prefix",
        subnet_id="subnetId"
    )],
    subnets=["subnets"],
    tags=[CfnTag(
        key="key",
        value="value"
    )],
    type="type"
),
    strategy=mixins.PropertyMergeStrategy.OVERRIDE
)

Create a mixin to apply properties to AWS::ElasticLoadBalancingV2::LoadBalancer.

Parameters:

• props (Union[CfnLoadBalancerMixinProps, Dict[str, Any]]) – L1 properties to apply.

• strategy (Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE

Methods

apply_to(construct)

Apply the mixin properties to the construct.

Parameters:

construct (IConstruct)

Return type:

IConstruct

supports(construct)

Check if this mixin supports the given construct.

Parameters:

construct (IConstruct)

Return type:

bool

Attributes

CFN_PROPERTY_KEYS = ['enableCapacityReservationProvisionStabilize', 'enablePrefixForIpv6SourceNat', 'enforceSecurityGroupInboundRulesOnPrivateLinkTraffic', 'ipAddressType', 'ipv4IpamPoolId', 'loadBalancerAttributes', 'minimumLoadBalancerCapacity', 'name', 'scheme', 'securityGroups', 'subnetMappings', 'subnets', 'tags', 'type']

Static Methods

classmethod is_mixin(x)

(experimental) Checks if x is a Mixin.

Parameters:

x (Any) – Any object.

Return type:

bool

Returns:

true if x is an object created from a class which extends Mixin.

Stability:

experimental

LoadBalancerAttributeProperty

class CfnLoadBalancerPropsMixin.LoadBalancerAttributeProperty(*, key=None, value=None)

Bases: object

Specifies an attribute for an Application Load Balancer, a Network Load Balancer, or a Gateway Load Balancer.

Parameters:

• key (Optional[str]) – The name of the attribute. The following attributes are supported by all load balancers: - deletion_protection.enabled - Indicates whether deletion protection is enabled. The value is true or false . The default is false . - load_balancing.cross_zone.enabled - Indicates whether cross-zone load balancing is enabled. The possible values are true and false . The default for Network Load Balancers and Gateway Load Balancers is false . The default for Application Load Balancers is true , and can’t be changed. The following attributes are supported by both Application Load Balancers and Network Load Balancers: - access_logs.s3.enabled - Indicates whether access logs are enabled. The value is true or false . The default is false . - access_logs.s3.bucket - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket. - access_logs.s3.prefix - The prefix for the location in the S3 bucket for the access logs. - ipv6.deny_all_igw_traffic - Blocks internet gateway (IGW) access to the load balancer. It is set to false for internet-facing load balancers and true for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway. - zonal_shift.config.enabled - Indicates whether zonal shift is enabled. The possible values are true and false . The default is false . The following attributes are supported by only Application Load Balancers: - idle_timeout.timeout_seconds - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds. - client_keep_alive.seconds - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds. - connection_logs.s3.enabled - Indicates whether connection logs are enabled. The value is true or false . The default is false . - connection_logs.s3.bucket - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket. - connection_logs.s3.prefix - The prefix for the location in the S3 bucket for the connection logs. - health_check_logs.s3.enabled - Indicates whether health check logs are enabled. The value is true or false . The default is false . - health_check_logs.s3.bucket - The name of the S3 bucket for the health check logs. This attribute is required if health check logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket. - health_check_logs.s3.prefix - The prefix for the location in the S3 bucket for the health check logs. - routing.http.desync_mitigation_mode - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are monitor , defensive , and strictest . The default is defensive . - routing.http.drop_invalid_header_fields.enabled - Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( true ) or routed to targets ( false ). The default is false . - routing.http.preserve_host_header.enabled - Indicates whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. The possible values are true and false . The default is false . - routing.http.x_amzn_tls_version_and_cipher_suite.enabled - Indicates whether the two headers ( x-amzn-tls-version and x-amzn-tls-cipher-suite ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The x-amzn-tls-version header has information about the TLS protocol version negotiated with the client, and the x-amzn-tls-cipher-suite header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are true and false . The default is false . - routing.http.xff_client_port.enabled - Indicates whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer. The possible values are true and false . The default is false . - routing.http.xff_header_processing.mode - Enables you to modify, preserve, or remove the X-Forwarded-For header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are append , preserve , and remove . The default is append . - If the value is append , the Application Load Balancer adds the client IP address (of the last hop) to the X-Forwarded-For header in the HTTP request before it sends it to targets. - If the value is preserve the Application Load Balancer preserves the X-Forwarded-For header in the HTTP request, and sends it to targets without any change. - If the value is remove , the Application Load Balancer removes the X-Forwarded-For header in the HTTP request before it sends it to targets. - routing.http2.enabled - Indicates whether clients can connect to the load balancer using HTTP/2. If true , clients can connect using HTTP/2 or HTTP/1.1. However, all client requests are subject to the stricter HTTP/2 header validation rules. For example, message header names must contain only alphanumeric characters and hyphens. If false , clients must connect using HTTP/1.1. The default is true . - waf.fail_open.enabled - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are true and false . The default is false . The following attributes are supported by only Network Load Balancers: - dns_record.client_routing_policy - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are availability_zone_affinity with 100 percent zonal affinity, partial_availability_zone_affinity with 85 percent zonal affinity, and any_availability_zone with 0 percent zonal affinity. - secondary_ips.auto_assigned.per_subnet - The number of secondary IP addresses to configure for your load balancer nodes. Use to address port allocation errors if you can’t add targets. The valid range is 0 to 7. The default is 0. After you set this value, you can’t decrease it.

• value (Optional[str]) – The value of the attribute.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattribute.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_elasticloadbalancingv2 import mixins as elasticloadbalancingv2_mixins

load_balancer_attribute_property = elasticloadbalancingv2_mixins.CfnLoadBalancerPropsMixin.LoadBalancerAttributeProperty(
    key="key",
    value="value"
)

Attributes

key

The name of the attribute.

The following attributes are supported by all load balancers:

• deletion_protection.enabled - Indicates whether deletion protection is enabled. The value is true or false . The default is false .

• load_balancing.cross_zone.enabled - Indicates whether cross-zone load balancing is enabled. The possible values are true and false . The default for Network Load Balancers and Gateway Load Balancers is false . The default for Application Load Balancers is true , and can’t be changed.

The following attributes are supported by both Application Load Balancers and Network Load Balancers:

• access_logs.s3.enabled - Indicates whether access logs are enabled. The value is true or false . The default is false .

• access_logs.s3.bucket - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.

• access_logs.s3.prefix - The prefix for the location in the S3 bucket for the access logs.

• ipv6.deny_all_igw_traffic - Blocks internet gateway (IGW) access to the load balancer. It is set to false for internet-facing load balancers and true for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway.

• zonal_shift.config.enabled - Indicates whether zonal shift is enabled. The possible values are true and false . The default is false .

The following attributes are supported by only Application Load Balancers:

• idle_timeout.timeout_seconds - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.

• client_keep_alive.seconds - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.

• connection_logs.s3.enabled - Indicates whether connection logs are enabled. The value is true or false . The default is false .

• connection_logs.s3.bucket - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.

• connection_logs.s3.prefix - The prefix for the location in the S3 bucket for the connection logs.

• health_check_logs.s3.enabled - Indicates whether health check logs are enabled. The value is true or false . The default is false .

• health_check_logs.s3.bucket - The name of the S3 bucket for the health check logs. This attribute is required if health check logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.

• health_check_logs.s3.prefix - The prefix for the location in the S3 bucket for the health check logs.

• routing.http.desync_mitigation_mode - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are monitor , defensive , and strictest . The default is defensive .

• routing.http.drop_invalid_header_fields.enabled - Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( true ) or routed to targets ( false ). The default is false .

• routing.http.preserve_host_header.enabled - Indicates whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. The possible values are true and false . The default is false .

• routing.http.x_amzn_tls_version_and_cipher_suite.enabled - Indicates whether the two headers ( x-amzn-tls-version and x-amzn-tls-cipher-suite ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The x-amzn-tls-version header has information about the TLS protocol version negotiated with the client, and the x-amzn-tls-cipher-suite header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are true and false . The default is false .

• routing.http.xff_client_port.enabled - Indicates whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer. The possible values are true and false . The default is false .

• routing.http.xff_header_processing.mode - Enables you to modify, preserve, or remove the X-Forwarded-For header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are append , preserve , and remove . The default is append .

• If the value is append , the Application Load Balancer adds the client IP address (of the last hop) to the X-Forwarded-For header in the HTTP request before it sends it to targets.

• If the value is preserve the Application Load Balancer preserves the X-Forwarded-For header in the HTTP request, and sends it to targets without any change.

• If the value is remove , the Application Load Balancer removes the X-Forwarded-For header in the HTTP request before it sends it to targets.

• routing.http2.enabled - Indicates whether clients can connect to the load balancer using HTTP/2. If true , clients can connect using HTTP/2 or HTTP/1.1. However, all client requests are subject to the stricter HTTP/2 header validation rules. For example, message header names must contain only alphanumeric characters and hyphens. If false , clients must connect using HTTP/1.1. The default is true .

• waf.fail_open.enabled - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are true and false . The default is false .

The following attributes are supported by only Network Load Balancers:

• dns_record.client_routing_policy - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are availability_zone_affinity with 100 percent zonal affinity, partial_availability_zone_affinity with 85 percent zonal affinity, and any_availability_zone with 0 percent zonal affinity.

• secondary_ips.auto_assigned.per_subnet - The number of secondary IP addresses to configure for your load balancer nodes. Use to address port allocation errors if you can’t add targets. The valid range is 0 to 7. The default is 0. After you set this value, you can’t decrease it.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattribute.html#cfn-elasticloadbalancingv2-loadbalancer-loadbalancerattribute-key

value

The value of the attribute.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattribute.html#cfn-elasticloadbalancingv2-loadbalancer-loadbalancerattribute-value

MinimumLoadBalancerCapacityProperty

class CfnLoadBalancerPropsMixin.MinimumLoadBalancerCapacityProperty(*, capacity_units=None)

Bases: object

The minimum capacity for a load balancer.

Parameters:

capacity_units (Union[int, float, None]) – The number of capacity units.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-minimumloadbalancercapacity.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_elasticloadbalancingv2 import mixins as elasticloadbalancingv2_mixins

minimum_load_balancer_capacity_property = elasticloadbalancingv2_mixins.CfnLoadBalancerPropsMixin.MinimumLoadBalancerCapacityProperty(
    capacity_units=123
)

Attributes

capacity_units

The number of capacity units.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-minimumloadbalancercapacity.html#cfn-elasticloadbalancingv2-loadbalancer-minimumloadbalancercapacity-capacityunits

SubnetMappingProperty

class CfnLoadBalancerPropsMixin.SubnetMappingProperty(*, allocation_id=None, i_pv6_address=None, private_i_pv4_address=None, source_nat_ipv6_prefix=None, subnet_id=None)

Bases: object

Specifies a subnet for a load balancer.

Parameters:

• allocation_id (Optional[str]) – [Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer.

• i_pv6_address (Optional[str]) – [Network Load Balancers] The IPv6 address.

• private_i_pv4_address (Optional[str]) – [Network Load Balancers] The private IPv4 address for an internal load balancer.

• source_nat_ipv6_prefix (Optional[str]) – [Network Load Balancers with UDP listeners] The IPv6 prefix to use for source NAT. Specify an IPv6 prefix (/80 netmask) from the subnet CIDR block or auto_assigned to use an IPv6 prefix selected at random from the subnet CIDR block.

• subnet_id (Optional[str]) – The ID of the subnet.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-subnetmapping.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_elasticloadbalancingv2 import mixins as elasticloadbalancingv2_mixins

subnet_mapping_property = elasticloadbalancingv2_mixins.CfnLoadBalancerPropsMixin.SubnetMappingProperty(
    allocation_id="allocationId",
    i_pv6_address="iPv6Address",
    private_iPv4_address="privateIPv4Address",
    source_nat_ipv6_prefix="sourceNatIpv6Prefix",
    subnet_id="subnetId"
)

Attributes

allocation_id

[Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-subnetmapping.html#cfn-elasticloadbalancingv2-loadbalancer-subnetmapping-allocationid

i_pv6_address

[Network Load Balancers] The IPv6 address.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-subnetmapping.html#cfn-elasticloadbalancingv2-loadbalancer-subnetmapping-ipv6address

private_i_pv4_address

[Network Load Balancers] The private IPv4 address for an internal load balancer.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-subnetmapping.html#cfn-elasticloadbalancingv2-loadbalancer-subnetmapping-privateipv4address

source_nat_ipv6_prefix

[Network Load Balancers with UDP listeners] The IPv6 prefix to use for source NAT.

Specify an IPv6 prefix (/80 netmask) from the subnet CIDR block or auto_assigned to use an IPv6 prefix selected at random from the subnet CIDR block.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-subnetmapping.html#cfn-elasticloadbalancingv2-loadbalancer-subnetmapping-sourcenatipv6prefix

subnet_id

The ID of the subnet.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-subnetmapping.html#cfn-elasticloadbalancingv2-loadbalancer-subnetmapping-subnetid