AWS Elastic Load Balancing Policy

This page shows how to write Terraform and CloudFormation for Elastic Load Balancing Policy, and how to write them securely.

aws_proxy_protocol_policy (Terraform)

The Policy in Elastic Load Balancing can be configured in Terraform with the resource name aws_proxy_protocol_policy. The following sections describe 3 examples of how to use the resource and its parameters.

Example Usage from GitHub

proxy_protocol_policy.tf#L4
resource "aws_proxy_protocol_policy" "proxy_protocol_policy" {
  count = var.enable_proxy_protocol_policy ? 1 : 0

  load_balancer  = var.proxy_protocol_policy_load_balancer != "" ? var.proxy_protocol_policy_load_balancer : aws_elb.elb[0].name
  instance_ports = var.proxy_protocol_policy_instance_ports
}

main.tf#L7
resource "aws_proxy_protocol_policy" "this" {
  instance_ports = var.instance_ports
  load_balancer  = var.load_balancer
}

proxy_protocol_policy.tf#L4
resource "aws_proxy_protocol_policy" "proxy_protocol_policy" {
  count = var.enable_proxy_protocol_policy ? 1 : 0

  load_balancer  = var.proxy_protocol_policy_load_balancer != "" ? var.proxy_protocol_policy_load_balancer : aws_elb.elb[0].name
  instance_ports = var.proxy_protocol_policy_instance_ports
}

Parameters

Explanation in Terraform Registry

Provides a proxy protocol policy, which allows an ELB to carry client connection information to a backend.
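
The GitHub snippets above only show the policy resource with its inputs passed as variables. The following added example (not taken from the listed repositories or the Terraform Registry) shows the policy together with the Classic Load Balancer it attaches to, and a back-end security group that accepts the proxied port only from the load balancer, so the client address in the proxy protocol header can only arrive via the ELB. The resource labels, variable names and port numbers are assumptions chosen for illustration.

```hcl
# Added example: labels, variable names and ports are assumptions.
variable "vpc_id" { type = string }
variable "subnet_ids" { type = list(string) }
variable "elb_security_group_id" { type = string }

resource "aws_elb" "example" {
  name            = "example-elb"
  subnets         = var.subnet_ids
  security_groups = [var.elb_security_group_id]

  # Proxy protocol is used with TCP/SSL back-end connections.
  # With HTTP/HTTPS listeners the client address is passed in
  # the X-Forwarded-For header instead.
  listener {
    lb_port           = 443
    lb_protocol       = "tcp"
    instance_port     = 8443
    instance_protocol = "tcp"
  }
}

# Enable the proxy protocol header on the back-end port.
# The service on 8443 must be configured to parse this header;
# otherwise it receives it as unexpected leading bytes.
resource "aws_proxy_protocol_policy" "example" {
  load_balancer  = aws_elb.example.name
  instance_ports = ["8443"]
}

# Back-end instances: allow the proxied port from the ELB's
# security group only, never from a CIDR range, so the header
# the service trusts is always written by the load balancer.
resource "aws_security_group" "backend" {
  name   = "example-backend"
  vpc_id = var.vpc_id

  ingress {
    from_port       = 8443
    to_port         = 8443
    protocol        = "tcp"
    security_groups = [var.elb_security_group_id]
  }
}
```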

Tips: Best Practices for The Other AWS Elastic Load Balancing Resources

In addition to aws_elb, AWS Elastic Load Balancing has other resources that should be configured with security in mind. Check the examples and precautions for those resources.

aws_elb

Ensure your ALB blocks unwanted access

It is better to limit accessibility to the minimum that is required for the application to work.

AWS::ElasticLoadBalancing::LoadBalancer Listeners (CloudFormation)

The LoadBalancer Listeners in ElasticLoadBalancing can be configured in CloudFormation with the resource name AWS::ElasticLoadBalancing::LoadBalancer Listeners. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

InstancePort The port on which the instance is listening.
Required: Yes
Type: String
Minimum: 1
Maximum: 65535
Update requires: No interruption

InstanceProtocol The protocol to use for routing traffic to instances: HTTP, HTTPS, TCP, or SSL.
If the front-end protocol is TCP or SSL, the back-end protocol must be TCP or SSL. If the front-end protocol is HTTP or HTTPS, the back-end protocol must be HTTP or HTTPS.
If there is another listener with the same InstancePort whose InstanceProtocol is secure (HTTPS or SSL), the listener's InstanceProtocol must also be secure.
If there is another listener with the same InstancePort whose InstanceProtocol is HTTP or TCP, the listener's InstanceProtocol must be HTTP or TCP.
Required: No
Type: String
Update requires: No interruption

LoadBalancerPort The port on which the load balancer is listening. On EC2-VPC, you can specify any port from the range 1-65535. On EC2-Classic, you can specify any port from the following list: 25, 80, 443, 465, 587, 1024-65535.
Required: Yes
Type: String
Update requires: No interruption

PolicyNames The names of the policies to associate with the listener.
Required: No
Type: List of String
Update requires: No interruption

Protocol The load balancer transport protocol to use for routing: HTTP, HTTPS, TCP, or SSL.
Required: Yes
Type: String
Update requires: No interruption

SSLCertificateId The Amazon Resource Name (ARN) of the server certificate.
Required: No
Type: String
Update requires: No interruption

Explanation in CloudFormation Registry

Specifies a listener for your Classic Load Balancer.

Frequently asked questions

What is AWS Elastic Load Balancing Policy?

AWS Elastic Load Balancing Policy is a resource for Elastic Load Balancing of Amazon Web Services. Settings can be written in Terraform and CloudFormation.

Where can I find the example code for the AWS Elastic Load Balancing Policy?

For Terraform, the asrkata/SebastianUA-terraform, niveklabs/aws and SebastianUA/terraform source code examples are useful. See the Terraform Example section for further details.