@pulumi/aws
Version:
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
585 lines (584 loc) • 31.3 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
import * as enums from "../types/enums";
/**
* Provides a Load Balancer resource.
*
* > **Note:** `aws.alb.LoadBalancer` is known as `aws.lb.LoadBalancer`. The functionality is identical.
*
* ## Example Usage
*
* ### Application Load Balancer
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const test = new aws.lb.LoadBalancer("test", {
* name: "test-lb-tf",
* internal: false,
* loadBalancerType: "application",
* securityGroups: [lbSg.id],
* subnets: .map(subnet => (subnet.id)),
* enableDeletionProtection: true,
* accessLogs: {
* bucket: lbLogs.id,
* prefix: "test-lb",
* enabled: true,
* },
* tags: {
* Environment: "production",
* },
* });
* ```
*
* ### Network Load Balancer
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const test = new aws.lb.LoadBalancer("test", {
* name: "test-lb-tf",
* internal: false,
* loadBalancerType: "network",
* subnets: .map(subnet => (subnet.id)),
* enableDeletionProtection: true,
* tags: {
* Environment: "production",
* },
* });
* ```
*
* ### Specifying Elastic IPs
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const example = new aws.lb.LoadBalancer("example", {
* name: "example",
* loadBalancerType: "network",
* subnetMappings: [
* {
* subnetId: example1AwsSubnet.id,
* allocationId: example1.id,
* },
* {
* subnetId: example2AwsSubnet.id,
* allocationId: example2.id,
* },
* ],
* });
* ```
*
* ### Specifying private IP addresses for an internal-facing load balancer
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const example = new aws.lb.LoadBalancer("example", {
* name: "example",
* loadBalancerType: "network",
* subnetMappings: [
* {
* subnetId: example1.id,
* privateIpv4Address: "10.0.1.15",
* },
* {
* subnetId: example2.id,
* privateIpv4Address: "10.0.2.15",
* },
* ],
* });
* ```
*
* ## Import
*
* ### Identity Schema
*
* #### Required
*
* - `arn` (String) Amazon Resource Name (ARN) of the load balancer.
*
* Using `pulumi import`, import LBs using their ARN. For example:
*
* console
*
* % pulumi import aws_lb.bar arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188
*/
export declare class LoadBalancer extends pulumi.CustomResource {
/**
* Get an existing LoadBalancer resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: LoadBalancerState, opts?: pulumi.CustomResourceOptions): LoadBalancer;
/**
* Returns true if the given object is an instance of LoadBalancer. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is LoadBalancer;
/**
* Access Logs block. See below.
*/
readonly accessLogs: pulumi.Output<outputs.alb.LoadBalancerAccessLogs | undefined>;
/**
* ARN of the load balancer.
*/
readonly arn: pulumi.Output<string>;
/**
* ARN suffix for use with CloudWatch Metrics.
*/
readonly arnSuffix: pulumi.Output<string>;
/**
* Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
*/
readonly clientKeepAlive: pulumi.Output<number | undefined>;
/**
* Connection Logs block. See below. Only valid for Load Balancers of type `application`.
*/
readonly connectionLogs: pulumi.Output<outputs.alb.LoadBalancerConnectionLogs | undefined>;
/**
* ID of the customer owned ipv4 pool to use for this load balancer.
*/
readonly customerOwnedIpv4Pool: pulumi.Output<string | undefined>;
/**
* How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.
*/
readonly desyncMitigationMode: pulumi.Output<string | undefined>;
/**
* DNS name of the load balancer.
* * `subnet_mapping.*.outpost_id` - ID of the Outpost containing the load balancer.
*/
readonly dnsName: pulumi.Output<string>;
/**
* How traffic is distributed among the load balancer Availability Zones. Possible values are `anyAvailabilityZone` (default), `availabilityZoneAffinity`, or `partialAvailabilityZoneAffinity`. See [Availability Zone DNS affinity](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#zonal-dns-affinity) for additional details. Only valid for `network` type load balancers.
*/
readonly dnsRecordClientRoutingPolicy: pulumi.Output<string | undefined>;
/**
* Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.
*/
readonly dropInvalidHeaderFields: pulumi.Output<boolean | undefined>;
/**
* If true, cross-zone load balancing of the load balancer will be enabled. For `network` and `gateway` type load balancers, this feature is disabled by default (`false`). For `application` load balancer this feature is always enabled (`true`) and cannot be disabled. Defaults to `false`.
*/
readonly enableCrossZoneLoadBalancing: pulumi.Output<boolean | undefined>;
/**
* If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.
*/
readonly enableDeletionProtection: pulumi.Output<boolean | undefined>;
/**
* Whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.
*/
readonly enableHttp2: pulumi.Output<boolean | undefined>;
/**
* Whether the two headers (`x-amzn-tls-version` and `x-amzn-tls-cipher-suite`), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of type `application`. Defaults to `false`
*/
readonly enableTlsVersionAndCipherSuiteHeaders: pulumi.Output<boolean | undefined>;
/**
* Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to `false`.
*/
readonly enableWafFailOpen: pulumi.Output<boolean | undefined>;
/**
* Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in `application` load balancers. Defaults to `false`.
*/
readonly enableXffClientPort: pulumi.Output<boolean | undefined>;
/**
* Whether zonal shift is enabled. Defaults to `false`.
*/
readonly enableZonalShift: pulumi.Output<boolean | undefined>;
/**
* Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type `network`. The possible values are `on` and `off`.
*/
readonly enforceSecurityGroupInboundRulesOnPrivateLinkTraffic: pulumi.Output<string>;
/**
* Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.
*/
readonly idleTimeout: pulumi.Output<number | undefined>;
/**
* If true, the LB will be internal. Defaults to `false`.
*/
readonly internal: pulumi.Output<boolean>;
/**
* Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: `ipv4` (all load balancer types), `dualstack` (all load balancer types), and `dualstack-without-public-ipv4` (type `application` only).
*/
readonly ipAddressType: pulumi.Output<string>;
/**
* . The IPAM pools to use with the load balancer. Only valid for Load Balancers of type `application`. See ipamPools for more information.
*/
readonly ipamPools: pulumi.Output<outputs.alb.LoadBalancerIpamPools | undefined>;
/**
* Type of load balancer to create. Possible values are `application`, `gateway`, or `network`. The default value is `application`.
*/
readonly loadBalancerType: pulumi.Output<enums.alb.LoadBalancerType | undefined>;
/**
* Minimum capacity for a load balancer. Only valid for Load Balancers of type `application` or `network`.
*/
readonly minimumLoadBalancerCapacity: pulumi.Output<outputs.alb.LoadBalancerMinimumLoadBalancerCapacity | undefined>;
/**
* Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with `tf-lb`.
*/
readonly name: pulumi.Output<string>;
/**
* Creates a unique name beginning with the specified prefix. Conflicts with `name`.
*/
readonly namePrefix: pulumi.Output<string>;
/**
* Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to `false`.
*/
readonly preserveHostHeader: pulumi.Output<boolean | undefined>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
readonly region: pulumi.Output<string>;
/**
* The number of secondary IP addresses to configure for your load balancer nodes. Only valid for Load Balancers of type `network`. The valid range is 0-7. When decreased, this will force a recreation of the resource. Default: `0`.
*/
readonly secondaryIpsAutoAssignedPerSubnet: pulumi.Output<number>;
/**
* List of security group IDs to assign to the LB. Only valid for Load Balancers of type `application` or `network`. For load balancers of type `network` security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.
*/
readonly securityGroups: pulumi.Output<string[]>;
/**
* Subnet mapping block. See below. For Load Balancers of type `network` subnet mappings can only be added.
*/
readonly subnetMappings: pulumi.Output<outputs.alb.LoadBalancerSubnetMapping[]>;
/**
* List of subnet IDs to attach to the LB. For Load Balancers of type `network` subnets can only be added (see [Availability Zones](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#availability-zones)), deleting a subnet for load balancers of type `network` will force a recreation of the resource.
*/
readonly subnets: pulumi.Output<string[]>;
/**
* Map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
readonly tags: pulumi.Output<{
[key: string]: string;
} | undefined>;
/**
* Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
*/
readonly tagsAll: pulumi.Output<{
[key: string]: string;
}>;
readonly vpcId: pulumi.Output<string>;
/**
* Determines how the load balancer modifies the `X-Forwarded-For` header in the HTTP request before sending the request to the target. The possible values are `append`, `preserve`, and `remove`. Only valid for Load Balancers of type `application`. The default is `append`.
*
* > **NOTE:** Please note that internal LBs can only use `ipv4` as the `ipAddressType`. You can only change to `dualstack` `ipAddressType` if the selected subnets are IPv6 enabled.
*
* > **NOTE:** Please note that one of either `subnets` or `subnetMapping` is required.
*/
readonly xffHeaderProcessingMode: pulumi.Output<string | undefined>;
/**
* Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
*/
readonly zoneId: pulumi.Output<string>;
/**
* Create a LoadBalancer resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args?: LoadBalancerArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering LoadBalancer resources.
*/
export interface LoadBalancerState {
/**
* Access Logs block. See below.
*/
accessLogs?: pulumi.Input<inputs.alb.LoadBalancerAccessLogs>;
/**
* ARN of the load balancer.
*/
arn?: pulumi.Input<string>;
/**
* ARN suffix for use with CloudWatch Metrics.
*/
arnSuffix?: pulumi.Input<string>;
/**
* Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
*/
clientKeepAlive?: pulumi.Input<number>;
/**
* Connection Logs block. See below. Only valid for Load Balancers of type `application`.
*/
connectionLogs?: pulumi.Input<inputs.alb.LoadBalancerConnectionLogs>;
/**
* ID of the customer owned ipv4 pool to use for this load balancer.
*/
customerOwnedIpv4Pool?: pulumi.Input<string>;
/**
* How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.
*/
desyncMitigationMode?: pulumi.Input<string>;
/**
* DNS name of the load balancer.
* * `subnet_mapping.*.outpost_id` - ID of the Outpost containing the load balancer.
*/
dnsName?: pulumi.Input<string>;
/**
* How traffic is distributed among the load balancer Availability Zones. Possible values are `anyAvailabilityZone` (default), `availabilityZoneAffinity`, or `partialAvailabilityZoneAffinity`. See [Availability Zone DNS affinity](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#zonal-dns-affinity) for additional details. Only valid for `network` type load balancers.
*/
dnsRecordClientRoutingPolicy?: pulumi.Input<string>;
/**
* Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.
*/
dropInvalidHeaderFields?: pulumi.Input<boolean>;
/**
* If true, cross-zone load balancing of the load balancer will be enabled. For `network` and `gateway` type load balancers, this feature is disabled by default (`false`). For `application` load balancer this feature is always enabled (`true`) and cannot be disabled. Defaults to `false`.
*/
enableCrossZoneLoadBalancing?: pulumi.Input<boolean>;
/**
* If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.
*/
enableDeletionProtection?: pulumi.Input<boolean>;
/**
* Whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.
*/
enableHttp2?: pulumi.Input<boolean>;
/**
* Whether the two headers (`x-amzn-tls-version` and `x-amzn-tls-cipher-suite`), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of type `application`. Defaults to `false`
*/
enableTlsVersionAndCipherSuiteHeaders?: pulumi.Input<boolean>;
/**
* Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to `false`.
*/
enableWafFailOpen?: pulumi.Input<boolean>;
/**
* Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in `application` load balancers. Defaults to `false`.
*/
enableXffClientPort?: pulumi.Input<boolean>;
/**
* Whether zonal shift is enabled. Defaults to `false`.
*/
enableZonalShift?: pulumi.Input<boolean>;
/**
* Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type `network`. The possible values are `on` and `off`.
*/
enforceSecurityGroupInboundRulesOnPrivateLinkTraffic?: pulumi.Input<string>;
/**
* Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.
*/
idleTimeout?: pulumi.Input<number>;
/**
* If true, the LB will be internal. Defaults to `false`.
*/
internal?: pulumi.Input<boolean>;
/**
* Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: `ipv4` (all load balancer types), `dualstack` (all load balancer types), and `dualstack-without-public-ipv4` (type `application` only).
*/
ipAddressType?: pulumi.Input<string | enums.alb.IpAddressType>;
/**
* . The IPAM pools to use with the load balancer. Only valid for Load Balancers of type `application`. See ipamPools for more information.
*/
ipamPools?: pulumi.Input<inputs.alb.LoadBalancerIpamPools>;
/**
* Type of load balancer to create. Possible values are `application`, `gateway`, or `network`. The default value is `application`.
*/
loadBalancerType?: pulumi.Input<enums.alb.LoadBalancerType>;
/**
* Minimum capacity for a load balancer. Only valid for Load Balancers of type `application` or `network`.
*/
minimumLoadBalancerCapacity?: pulumi.Input<inputs.alb.LoadBalancerMinimumLoadBalancerCapacity>;
/**
* Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with `tf-lb`.
*/
name?: pulumi.Input<string>;
/**
* Creates a unique name beginning with the specified prefix. Conflicts with `name`.
*/
namePrefix?: pulumi.Input<string>;
/**
* Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to `false`.
*/
preserveHostHeader?: pulumi.Input<boolean>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
region?: pulumi.Input<string>;
/**
* The number of secondary IP addresses to configure for your load balancer nodes. Only valid for Load Balancers of type `network`. The valid range is 0-7. When decreased, this will force a recreation of the resource. Default: `0`.
*/
secondaryIpsAutoAssignedPerSubnet?: pulumi.Input<number>;
/**
* List of security group IDs to assign to the LB. Only valid for Load Balancers of type `application` or `network`. For load balancers of type `network` security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.
*/
securityGroups?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Subnet mapping block. See below. For Load Balancers of type `network` subnet mappings can only be added.
*/
subnetMappings?: pulumi.Input<pulumi.Input<inputs.alb.LoadBalancerSubnetMapping>[]>;
/**
* List of subnet IDs to attach to the LB. For Load Balancers of type `network` subnets can only be added (see [Availability Zones](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#availability-zones)), deleting a subnet for load balancers of type `network` will force a recreation of the resource.
*/
subnets?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
*/
tagsAll?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
vpcId?: pulumi.Input<string>;
/**
* Determines how the load balancer modifies the `X-Forwarded-For` header in the HTTP request before sending the request to the target. The possible values are `append`, `preserve`, and `remove`. Only valid for Load Balancers of type `application`. The default is `append`.
*
* > **NOTE:** Please note that internal LBs can only use `ipv4` as the `ipAddressType`. You can only change to `dualstack` `ipAddressType` if the selected subnets are IPv6 enabled.
*
* > **NOTE:** Please note that one of either `subnets` or `subnetMapping` is required.
*/
xffHeaderProcessingMode?: pulumi.Input<string>;
/**
* Canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record).
*/
zoneId?: pulumi.Input<string>;
}
/**
* The set of arguments for constructing a LoadBalancer resource.
*/
export interface LoadBalancerArgs {
/**
* Access Logs block. See below.
*/
accessLogs?: pulumi.Input<inputs.alb.LoadBalancerAccessLogs>;
/**
* Client keep alive value in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
*/
clientKeepAlive?: pulumi.Input<number>;
/**
* Connection Logs block. See below. Only valid for Load Balancers of type `application`.
*/
connectionLogs?: pulumi.Input<inputs.alb.LoadBalancerConnectionLogs>;
/**
* ID of the customer owned ipv4 pool to use for this load balancer.
*/
customerOwnedIpv4Pool?: pulumi.Input<string>;
/**
* How the load balancer handles requests that might pose a security risk to an application due to HTTP desync. Valid values are `monitor`, `defensive` (default), `strictest`.
*/
desyncMitigationMode?: pulumi.Input<string>;
/**
* How traffic is distributed among the load balancer Availability Zones. Possible values are `anyAvailabilityZone` (default), `availabilityZoneAffinity`, or `partialAvailabilityZoneAffinity`. See [Availability Zone DNS affinity](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#zonal-dns-affinity) for additional details. Only valid for `network` type load balancers.
*/
dnsRecordClientRoutingPolicy?: pulumi.Input<string>;
/**
* Whether HTTP headers with header fields that are not valid are removed by the load balancer (true) or routed to targets (false). The default is false. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens. Only valid for Load Balancers of type `application`.
*/
dropInvalidHeaderFields?: pulumi.Input<boolean>;
/**
* If true, cross-zone load balancing of the load balancer will be enabled. For `network` and `gateway` type load balancers, this feature is disabled by default (`false`). For `application` load balancer this feature is always enabled (`true`) and cannot be disabled. Defaults to `false`.
*/
enableCrossZoneLoadBalancing?: pulumi.Input<boolean>;
/**
* If true, deletion of the load balancer will be disabled via the AWS API. This will prevent this provider from deleting the load balancer. Defaults to `false`.
*/
enableDeletionProtection?: pulumi.Input<boolean>;
/**
* Whether HTTP/2 is enabled in `application` load balancers. Defaults to `true`.
*/
enableHttp2?: pulumi.Input<boolean>;
/**
* Whether the two headers (`x-amzn-tls-version` and `x-amzn-tls-cipher-suite`), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. Only valid for Load Balancers of type `application`. Defaults to `false`
*/
enableTlsVersionAndCipherSuiteHeaders?: pulumi.Input<boolean>;
/**
* Whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. Defaults to `false`.
*/
enableWafFailOpen?: pulumi.Input<boolean>;
/**
* Whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in `application` load balancers. Defaults to `false`.
*/
enableXffClientPort?: pulumi.Input<boolean>;
/**
* Whether zonal shift is enabled. Defaults to `false`.
*/
enableZonalShift?: pulumi.Input<boolean>;
/**
* Whether inbound security group rules are enforced for traffic originating from a PrivateLink. Only valid for Load Balancers of type `network`. The possible values are `on` and `off`.
*/
enforceSecurityGroupInboundRulesOnPrivateLinkTraffic?: pulumi.Input<string>;
/**
* Time in seconds that the connection is allowed to be idle. Only valid for Load Balancers of type `application`. Default: 60.
*/
idleTimeout?: pulumi.Input<number>;
/**
* If true, the LB will be internal. Defaults to `false`.
*/
internal?: pulumi.Input<boolean>;
/**
* Type of IP addresses used by the subnets for your load balancer. The possible values depend upon the load balancer type: `ipv4` (all load balancer types), `dualstack` (all load balancer types), and `dualstack-without-public-ipv4` (type `application` only).
*/
ipAddressType?: pulumi.Input<string | enums.alb.IpAddressType>;
/**
* . The IPAM pools to use with the load balancer. Only valid for Load Balancers of type `application`. See ipamPools for more information.
*/
ipamPools?: pulumi.Input<inputs.alb.LoadBalancerIpamPools>;
/**
* Type of load balancer to create. Possible values are `application`, `gateway`, or `network`. The default value is `application`.
*/
loadBalancerType?: pulumi.Input<enums.alb.LoadBalancerType>;
/**
* Minimum capacity for a load balancer. Only valid for Load Balancers of type `application` or `network`.
*/
minimumLoadBalancerCapacity?: pulumi.Input<inputs.alb.LoadBalancerMinimumLoadBalancerCapacity>;
/**
* Name of the LB. This name must be unique within your AWS account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified, this provider will autogenerate a name beginning with `tf-lb`.
*/
name?: pulumi.Input<string>;
/**
* Creates a unique name beginning with the specified prefix. Conflicts with `name`.
*/
namePrefix?: pulumi.Input<string>;
/**
* Whether the Application Load Balancer should preserve the Host header in the HTTP request and send it to the target without any change. Defaults to `false`.
*/
preserveHostHeader?: pulumi.Input<boolean>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
region?: pulumi.Input<string>;
/**
* The number of secondary IP addresses to configure for your load balancer nodes. Only valid for Load Balancers of type `network`. The valid range is 0-7. When decreased, this will force a recreation of the resource. Default: `0`.
*/
secondaryIpsAutoAssignedPerSubnet?: pulumi.Input<number>;
/**
* List of security group IDs to assign to the LB. Only valid for Load Balancers of type `application` or `network`. For load balancers of type `network` security groups cannot be added if none are currently present, and cannot all be removed once added. If either of these conditions are met, this will force a recreation of the resource.
*/
securityGroups?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Subnet mapping block. See below. For Load Balancers of type `network` subnet mappings can only be added.
*/
subnetMappings?: pulumi.Input<pulumi.Input<inputs.alb.LoadBalancerSubnetMapping>[]>;
/**
* List of subnet IDs to attach to the LB. For Load Balancers of type `network` subnets can only be added (see [Availability Zones](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#availability-zones)), deleting a subnet for load balancers of type `network` will force a recreation of the resource.
*/
subnets?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Determines how the load balancer modifies the `X-Forwarded-For` header in the HTTP request before sending the request to the target. The possible values are `append`, `preserve`, and `remove`. Only valid for Load Balancers of type `application`. The default is `append`.
*
* > **NOTE:** Please note that internal LBs can only use `ipv4` as the `ipAddressType`. You can only change to `dualstack` `ipAddressType` if the selected subnets are IPv6 enabled.
*
* > **NOTE:** Please note that one of either `subnets` or `subnetMapping` is required.
*/
xffHeaderProcessingMode?: pulumi.Input<string>;
}