LB Listener
Front-end port on an ALB or NLB that routes to a target group.
Configuration
Section titled “Configuration”| Setting | Type | Required | Default |
|---|---|---|---|
| Port | Number | Yes | 80 |
| Protocol Options: HTTP, HTTPS, TCP, TLS, UDP, TCP+UDP | Choice | — | HTTP |
| ACM cert ARN (HTTPS/TLS) | Text | — | — |
| SSL policy Options: TLS 1.3 (2021), TLS 1.2 ext (2018), FS 1.2 res (2020), 2016-08 (legacy) | Choice | — | ELBSecurityPolicy-TLS13-1-2-2021-06 |
| Default action Options: Forward to target group, Redirect, Fixed response | Choice | — | forward |
| Redirect host | Text | — | #{host} |
| Redirect path | Text | — | /#{path} |
| Redirect port | Text | — | 443 |
| Redirect protocol Options: HTTPS, HTTP | Choice | — | HTTPS |
| Redirect status Options: 301 Permanent, 302 Found | Choice | — | HTTP_302 |
| Fixed response body | Text | — | — |
| Fixed response content type | Text | — | text/plain |
| Fixed response status | Number | — | 200 |
| ALPN policy (TLS NLB) | List | — | — |
| Mutual TLS enabled | Toggle | — | false |
| Mutual TLS mode Options: Off, Passthrough, Verify | Choice | — | off |
| Mutual TLS trust store ARN | Text | — | — |
| Tags | Key–value | — | — |
Connections
Section titled “Connections”| Socket | Direction | Accepts | Terraform arg |
|---|---|---|---|
| Load balancer | Input | aws.alb, aws.nlb | load_balancer_arn |
| Default target group | Input | aws.target-group | default_action.target_group_arn |
| TLS certificate | Input | aws.acm-certificate | certificate_arn |
| Rules / deployment | Output | aws.codedeploy, aws.lb-listener-rule | — |