Class GuApplicationLoadBalancer

Construct which creates an Application Load Balancer.

This construct should be used in conjunction with [[GuApplicationListener]] and [[GuApplicationTargetGroup]] to route traffic to your application. For more details on these three components, see the AWS documentation.

This resource is stateful.

See

https://github.com/guardian/cdk/blob/main/docs/stateful-resources.md

Hierarchy

  • Mixin<typeof ApplicationLoadBalancer, this> & ApplicationLoadBalancer<this>
    • GuApplicationLoadBalancer

Constructors

constructor

Properties

connections env idWithApp ipAddressType? listeners loadBalancerArn loadBalancerCanonicalHostedZoneId loadBalancerDnsName loadBalancerFullName loadBalancerName loadBalancerSecurityGroups metrics node physicalName stack vpc?

Methods

_enableCrossEnvironment addListener addRedirect addSecurityGroup applyRemovalPolicy generatePhysicalName getResourceArnAttribute getResourceNameAttribute logAccessLogs logConnectionLogs metric metricActiveConnectionCount metricClientTlsNegotiationErrorCount metricConsumedLCUs metricElbAuthError metricElbAuthFailure metricElbAuthLatency metricElbAuthSuccess metricHttpCodeElb metricHttpCodeTarget metricHttpFixedResponseCount metricHttpRedirectCount metricHttpRedirectUrlLimitExceededCount metricIpv6ProcessedBytes metricIpv6RequestCount metricNewConnectionCount metricProcessedBytes metricRejectedConnectionCount metricRequestCount metricRuleEvaluations metricTargetConnectionErrorCount metricTargetResponseTime metricTargetTLSNegotiationErrorCount removeAttribute resourcePolicyPrincipal setAttribute toString validateLoadBalancer _queryContextProvider fromApplicationLoadBalancerAttributes fromLookup isConstruct isOwnedResource isResource

Constructors

constructor

Properties

Readonlyconnections

connections: Connections

The network connections associated with this resource.

Readonlyenv

env: ResourceEnvironment

The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.

ReadonlyidWithApp

idWithApp: string

The ID of the construct with the App suffix. This should be used in place of id when trying to reference the construct.

Optional ReadonlyipAddressType

ipAddressType?: IpAddressType

The IP Address Type for this load balancer

Default

IpAddressType.IPV4

Readonlylisteners

listeners: ApplicationListener[]

A list of listeners that have been added to the load balancer. This list is only valid for owned constructs.

ReadonlyloadBalancerArn

loadBalancerArn: string

The ARN of this load balancer

Example value: arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-internal-load-balancer/50dc6c495c0c9188

Attribute

ReadonlyloadBalancerCanonicalHostedZoneId

loadBalancerCanonicalHostedZoneId: string

The canonical hosted zone ID of this load balancer

Example value: Z2P70J7EXAMPLE

Attribute

ReadonlyloadBalancerDnsName

loadBalancerDnsName: string

The DNS name of this load balancer

Example value: my-load-balancer-424835706.us-west-2.elb.amazonaws.com

Attribute

ReadonlyloadBalancerFullName

loadBalancerFullName: string

The full name of this load balancer

Example value: app/my-load-balancer/50dc6c495c0c9188

Attribute

ReadonlyloadBalancerName

loadBalancerName: string

The name of this load balancer

Example value: my-load-balancer

Attribute

ReadonlyloadBalancerSecurityGroups

loadBalancerSecurityGroups: string[]

Attribute

Readonlymetrics

metrics: IApplicationLoadBalancerMetrics

All metrics available for this load balancer

Readonlynode

node: Node

The tree node.

Protected ReadonlyphysicalName

physicalName: string

Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.

This value will resolve to one of the following:

  • a concrete value (e.g. "my-awesome-bucket")
  • undefined, when a name should be generated by CloudFormation
  • a concrete name generated automatically during synthesis, in cross-environment scenarios.

Readonlystack

stack: Stack

The stack in which this resource is defined.

Optional Readonlyvpc

vpc?: IVpc

The VPC this load balancer has been created in.

This property is always defined (not null or undefined) for sub-classes of BaseLoadBalancer.

Methods

_enableCrossEnvironment

  • _enableCrossEnvironment(): void
  • Internal

    Called when this resource is referenced across environments (account/region) to order to request that a physical name will be generated for this resource during synthesis, so the resource can be referenced through its absolute name/arn.

    Returns void

addListener

  • addListener(
        id: string,
        props: BaseApplicationListenerProps,
    ): ApplicationListener

  • Add a new listener to this load balancer

    Parameters

    • id: string
    • props: BaseApplicationListenerProps

    Returns ApplicationListener

addRedirect

  • addRedirect(props?: ApplicationLoadBalancerRedirectConfig): ApplicationListener

  • Add a redirection listener to this load balancer

    Parameters

    • Optionalprops: ApplicationLoadBalancerRedirectConfig

    Returns ApplicationListener

addSecurityGroup

  • addSecurityGroup(securityGroup: ISecurityGroup): void

  • Add a security group to this load balancer

    Parameters

    • securityGroup: ISecurityGroup

    Returns void

applyRemovalPolicy

  • applyRemovalPolicy(policy: RemovalPolicy): void

  • Apply the given removal policy to this resource

    The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

    The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).

    Parameters

    • policy: RemovalPolicy

    Returns void

ProtectedgeneratePhysicalName

  • generatePhysicalName(): string

  • Returns string

ProtectedgetResourceArnAttribute

  • getResourceArnAttribute(arnAttr: string, arnComponents: ArnComponents): string

  • Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. bucket.bucketArn).

    Normally, this token will resolve to arnAttr, but if the resource is referenced across environments, arnComponents will be used to synthesize a concrete ARN with the resource's physical name. Make sure to reference this.physicalName in arnComponents.

    Parameters

    • arnAttr: string

      The CFN attribute which resolves to the ARN of the resource. Commonly it will be called "Arn" (e.g. resource.attrArn), but sometimes it's the CFN resource's ref.

    • arnComponents: ArnComponents

      The format of the ARN of this resource. You must reference this.physicalName somewhere within the ARN in order for cross-environment references to work.

    Returns string

ProtectedgetResourceNameAttribute

  • getResourceNameAttribute(nameAttr: string): string

  • Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. bucket.bucketName).

    Normally, this token will resolve to nameAttr, but if the resource is referenced across environments, it will be resolved to this.physicalName, which will be a concrete name.

    Parameters

    • nameAttr: string

      The CFN attribute which resolves to the resource's name. Commonly this is the resource's ref.

    Returns string

logAccessLogs

  • logAccessLogs(bucket: IBucket, prefix?: string): void

  • Enable access logging for this load balancer.

    A region must be specified on the stack containing the load balancer; you cannot enable logging on environment-agnostic stacks. See https://docs.aws.amazon.com/cdk/latest/guide/environments.html

    Parameters

    • bucket: IBucket
    • Optionalprefix: string

    Returns void

logConnectionLogs

  • logConnectionLogs(bucket: IBucket, prefix?: string): void

  • Enable connection logging for this load balancer.

    A region must be specified on the stack containing the load balancer; you cannot enable logging on environment-agnostic stacks.

    Parameters

    • bucket: IBucket
    • Optionalprefix: string

    Returns void

    See

    https://docs.aws.amazon.com/cdk/latest/guide/environments.html

metric

  • metric(metricName: string, props?: MetricOptions): Metric

  • Return the given named metric for this Application Load Balancer

    Parameters

    • metricName: string
    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Average over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.custom instead

metricActiveConnectionCount

  • metricActiveConnectionCount(props?: MetricOptions): Metric

  • The total number of concurrent TCP connections active from clients to the load balancer and from the load balancer to targets.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.activeConnectionCount instead

metricClientTlsNegotiationErrorCount

  • metricClientTlsNegotiationErrorCount(props?: MetricOptions): Metric

  • The number of TLS connections initiated by the client that did not establish a session with the load balancer. Possible causes include a mismatch of ciphers or protocols.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.clientTlsNegotiationErrorCount instead

metricConsumedLCUs

  • metricConsumedLCUs(props?: MetricOptions): Metric

  • The number of load balancer capacity units (LCU) used by your load balancer.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.consumedLCUs instead

metricElbAuthError

  • metricElbAuthError(props?: MetricOptions): Metric

  • The number of user authentications that could not be completed

    Because an authenticate action was misconfigured, the load balancer couldn't establish a connection with the IdP, or the load balancer couldn't complete the authentication flow due to an internal error.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.elbAuthError instead

metricElbAuthFailure

  • metricElbAuthFailure(props?: MetricOptions): Metric

  • The number of user authentications that could not be completed because the IdP denied access to the user or an authorization code was used more than once.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.elbAuthFailure instead

metricElbAuthLatency

  • metricElbAuthLatency(props?: MetricOptions): Metric

  • The time elapsed, in milliseconds, to query the IdP for the ID token and user info.

    If one or more of these operations fail, this is the time to failure.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Average over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.elbAuthLatency instead

metricElbAuthSuccess

  • metricElbAuthSuccess(props?: MetricOptions): Metric

  • The number of authenticate actions that were successful.

    This metric is incremented at the end of the authentication workflow, after the load balancer has retrieved the user claims from the IdP.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.elbAuthSuccess instead

metricHttpCodeElb

  • metricHttpCodeElb(code: HttpCodeElb, props?: MetricOptions): Metric

  • The number of HTTP 3xx/4xx/5xx codes that originate from the load balancer.

    This does not include any response codes generated by the targets.

    Parameters

    • code: HttpCodeElb
    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.httpCodeElb instead

metricHttpCodeTarget

  • metricHttpCodeTarget(code: HttpCodeTarget, props?: MetricOptions): Metric

  • The number of HTTP 2xx/3xx/4xx/5xx response codes generated by all targets in the load balancer.

    This does not include any response codes generated by the load balancer.

    Parameters

    • code: HttpCodeTarget
    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.httpCodeTarget instead

metricHttpFixedResponseCount

  • metricHttpFixedResponseCount(props?: MetricOptions): Metric

  • The number of fixed-response actions that were successful.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.httpFixedResponseCount instead

metricHttpRedirectCount

  • metricHttpRedirectCount(props?: MetricOptions): Metric

  • The number of redirect actions that were successful.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.httpRedirectCount instead

metricHttpRedirectUrlLimitExceededCount

  • metricHttpRedirectUrlLimitExceededCount(props?: MetricOptions): Metric

  • The number of redirect actions that couldn't be completed because the URL in the response location header is larger than 8K.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.httpRedirectUrlLimitExceededCount instead

metricIpv6ProcessedBytes

  • metricIpv6ProcessedBytes(props?: MetricOptions): Metric

  • The total number of bytes processed by the load balancer over IPv6.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.ipv6ProcessedBytes instead

metricIpv6RequestCount

  • metricIpv6RequestCount(props?: MetricOptions): Metric

  • The number of IPv6 requests received by the load balancer.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.ipv6RequestCount instead

metricNewConnectionCount

  • metricNewConnectionCount(props?: MetricOptions): Metric

  • The total number of new TCP connections established from clients to the load balancer and from the load balancer to targets.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.newConnectionCount instead

metricProcessedBytes

  • metricProcessedBytes(props?: MetricOptions): Metric

  • The total number of bytes processed by the load balancer over IPv4 and IPv6.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.processedBytes instead

metricRejectedConnectionCount

  • metricRejectedConnectionCount(props?: MetricOptions): Metric

  • The number of connections that were rejected because the load balancer had reached its maximum number of connections.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.rejectedConnectionCount instead

metricRequestCount

  • metricRequestCount(props?: MetricOptions): Metric

  • The number of requests processed over IPv4 and IPv6.

    This count includes only the requests with a response generated by a target of the load balancer.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.requestCount instead

metricRuleEvaluations

  • metricRuleEvaluations(props?: MetricOptions): Metric

  • The number of rules processed by the load balancer given a request rate averaged over an hour.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.ruleEvaluations instead

metricTargetConnectionErrorCount

  • metricTargetConnectionErrorCount(props?: MetricOptions): Metric

  • The number of connections that were not successfully established between the load balancer and target.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.targetConnectionErrorCount instead

metricTargetResponseTime

  • metricTargetResponseTime(props?: MetricOptions): Metric

  • The time elapsed, in seconds, after the request leaves the load balancer until a response from the target is received.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Average over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.targetResponseTime instead

metricTargetTLSNegotiationErrorCount

  • metricTargetTLSNegotiationErrorCount(props?: MetricOptions): Metric

  • The number of TLS connections initiated by the load balancer that did not establish a session with the target.

    Possible causes include a mismatch of ciphers or protocols.

    Parameters

    • Optionalprops: MetricOptions

    Returns Metric

    Default

    Sum over 5 minutes

    Deprecated

    Use ApplicationLoadBalancer.metrics.targetTLSNegotiationErrorCount instead

removeAttribute

  • removeAttribute(key: string): void

  • Remove an attribute from the load balancer

    Parameters

    • key: string

    Returns void

ProtectedresourcePolicyPrincipal

  • resourcePolicyPrincipal(): IPrincipal

  • Returns IPrincipal

setAttribute

toString

  • toString(): string

  • Returns a string representation of an object.

    Returns string

ProtectedvalidateLoadBalancer

  • validateLoadBalancer(): string[]

  • Returns string[]

Protected Static_queryContextProvider

  • _queryContextProvider(
        scope: Construct,
        options: LoadBalancerQueryContextProviderOptions,
    ): LoadBalancerContextResponse
  • Internal

    Queries the load balancer context provider for load balancer info.

    Parameters

    • scope: Construct
    • options: LoadBalancerQueryContextProviderOptions

    Returns LoadBalancerContextResponse

StaticfromApplicationLoadBalancerAttributes

  • fromApplicationLoadBalancerAttributes(
        scope: Construct,
        id: string,
        attrs: ApplicationLoadBalancerAttributes,
    ): IApplicationLoadBalancer

  • Import an existing Application Load Balancer

    Parameters

    • scope: Construct
    • id: string
    • attrs: ApplicationLoadBalancerAttributes

    Returns IApplicationLoadBalancer

StaticfromLookup

  • fromLookup(
        scope: Construct,
        id: string,
        options: ApplicationLoadBalancerLookupOptions,
    ): IApplicationLoadBalancer

  • Look up an application load balancer.

    Parameters

    • scope: Construct
    • id: string
    • options: ApplicationLoadBalancerLookupOptions

    Returns IApplicationLoadBalancer

StaticisConstruct

  • isConstruct(x: any): x is Construct

  • Checks if x is a construct.

    Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

    Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

    Parameters

    • x: any

      Any object

    Returns x is Construct

    true if x is an object created from a class which extends Construct.

StaticisOwnedResource

  • isOwnedResource(construct: IConstruct): boolean

  • Returns true if the construct was created by CDK, and false otherwise

    Parameters

    • construct: IConstruct

    Returns boolean

StaticisResource

  • isResource(construct: IConstruct): construct is Resource

  • Check whether the given construct is a Resource

    Parameters

    • construct: IConstruct

    Returns construct is Resource

Settings

Member Visibility

On This Page

Constructors
Properties
Methods
_enableCrossEnvironmentaddListeneraddRedirectaddSecurityGroupapplyRemovalPolicygeneratePhysicalNamegetResourceArnAttributegetResourceNameAttributelogAccessLogslogConnectionLogsmetricmetricActiveConnectionCountmetricClientTlsNegotiationErrorCountmetricConsumedLCUsmetricElbAuthErrormetricElbAuthFailuremetricElbAuthLatencymetricElbAuthSuccessmetricHttpCodeElbmetricHttpCodeTargetmetricHttpFixedResponseCountmetricHttpRedirectCountmetricHttpRedirectUrlLimitExceededCountmetricIpv6ProcessedBytesmetricIpv6RequestCountmetricNewConnectionCountmetricProcessedBytesmetricRejectedConnectionCountmetricRequestCountmetricRuleEvaluationsmetricTargetConnectionErrorCountmetricTargetResponseTimemetricTargetTLSNegotiationErrorCountremoveAttributeresourcePolicyPrincipalsetAttributetoStringvalidateLoadBalancer_queryContextProviderfromApplicationLoadBalancerAttributesfromLookupisConstructisOwnedResourceisResource