The Elastic Load Balancing API contains several data types that various actions use. This section describes each data type in detail.
Note: The order of each element in a data type structure is not guaranteed. Applications should not assume a particular order.
The following data types are supported:
• Action
• AuthenticateCognitoActionConfig
• AuthenticateOidcActionConfig
• AvailabilityZone
• Certificate
• Cipher
• FixedResponseActionConfig
• ForwardActionConfig
• HostHeaderConditionConfig
• HttpHeaderConditionConfig
• HttpRequestMethodConditionConfig
• Limit
• Listener
• LoadBalancer
• LoadBalancerAddress
• LoadBalancerAttribute
• LoadBalancerState
• Matcher
• PathPatternConditionConfig
• QueryStringConditionConfig
• QueryStringKeyValuePair
• RedirectActionConfig
• Rule
• RuleCondition
• RulePriorityPair
• SourceIpConditionConfig
• SslPolicy
• SubnetMapping
• Tag
• TagDescription
• TargetDescription
• TargetGroup
• TargetGroupAttribute
• TargetGroupStickinessConfig
• TargetGroupTuple
• TargetHealth
• TargetHealthDescription
API Version 2015-12-01 115
Action
Information about an action.
Each rule must include exactly one of the following types of actions: forward, fixed-response, or redirect, and it must be the last action to be performed.
Contents
AuthenticateCognitoConfig
[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when Type is authenticate-cognito.
Type: AuthenticateCognitoActionConfig object
Required: No
AuthenticateOidcConfig
[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when Type is authenticate-oidc.
Type: AuthenticateOidcActionConfig object
Required: No
FixedResponseConfig
[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when Type is fixed-response.
Type: FixedResponseActionConfig object
Required: No
ForwardConfig
Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when Type is forward.
If you specify both ForwardConfig and TargetGroupArn, you can specify only one target group using ForwardConfig and it must be the same target group specified in TargetGroupArn.
Type: ForwardActionConfig object
Required: No
Order
The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 50000.
Required: No
RedirectConfig
[Application Load Balancer] Information for creating a redirect action. Specify only when Type is redirect.
Type: RedirectActionConfig object
Required: No
TargetGroupArn
The Amazon Resource Name (ARN) of the target group. Specify only when Type is forward and you want to route to a single target group. To route to one or more target groups, use ForwardConfig instead.
Type: String
Required: No
Type
The type of action.
Type: String
Valid Values: forward | authenticate-oidc | authenticate-cognito | redirect | fixed-response
Required: Yes
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
AuthenticateCognitoActionConfig
Request parameters to use when integrating with Amazon Cognito to authenticate users.
Contents
AuthenticationRequestExtraParams, AuthenticationRequestExtraParams.entry.N.key (key), AuthenticationRequestExtraParams.entry.N.value (value)
The query parameters (up to 10) to include in the redirect request to the authorization endpoint.
Type: String to string map
Required: No
OnUnauthenticatedRequest
The behavior if the user is not authenticated. The following are possible values:
• deny - Return an HTTP 401 Unauthorized error.
• allow - Allow the request to be forwarded to the target.
• authenticate - Redirect the request to the IdP authorization endpoint. This is the default value.
Type: String
Valid Values: deny | allow | authenticate
Required: No
Scope
The set of user claims to be requested from the IdP. The default is openid.
To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.
Type: String
Required: No
SessionCookieName
The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.
Type: String
Required: No
SessionTimeout
The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).
Type: Long
Required: No
UserPoolArn
The Amazon Resource Name (ARN) of the Amazon Cognito user pool.
Type: String
Required: Yes
UserPoolClientId
The ID of the Amazon Cognito user pool client.
Type: String
Required: Yes
UserPoolDomain
The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.
Type: String
Required: Yes
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
AuthenticateOidcActionConfig
Request parameters when using an identity provider (IdP) that is compliant with OpenID Connect (OIDC) to authenticate users.
Contents
AuthenticationRequestExtraParams, AuthenticationRequestExtraParams.entry.N.key (key), AuthenticationRequestExtraParams.entry.N.value (value)
The query parameters (up to 10) to include in the redirect request to the authorization endpoint.
Type: String to string map
Required: No
AuthorizationEndpoint
The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
Type: String
Required: Yes
ClientId
The OAuth 2.0 client identifier.
Type: String
Required: Yes
ClientSecret
The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.
Type: String
Required: No
Issuer
The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
Type: String
Required: Yes
OnUnauthenticatedRequest
The behavior if the user is not authenticated. The following are possible values:
• deny - Return an HTTP 401 Unauthorized error.
• allow - Allow the request to be forwarded to the target.
• authenticate - Redirect the request to the IdP authorization endpoint. This is the default value.
Type: String
Valid Values: deny | allow | authenticate
Required: No
Scope
The set of user claims to be requested from the IdP. The default is openid.
To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.
Type: String
Required: No
SessionCookieName
The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.
Type: String
Required: No
SessionTimeout
The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).
Type: Long
Required: No
TokenEndpoint
The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
Type: String
Required: Yes
UseExistingClientSecret
Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.
Type: Boolean
Required: No
UserInfoEndpoint
The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
Type: String
Required: Yes
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
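The constraints that the Action, AuthenticateCognitoActionConfig and AuthenticateOidcActionConfig sections state in prose can be checked before a rule is submitted. The following Python linter is an added example, not AWS code: the function name lint_actions, the finding messages and the sample values are assumptions, and the input is a list of dictionaries keyed by the field names documented above.

```python
from urllib.parse import urlparse

TERMINAL = {"forward", "redirect", "fixed-response"}
AUTH = {"authenticate-oidc": "AuthenticateOidcConfig",
        "authenticate-cognito": "AuthenticateCognitoConfig"}
OIDC_URLS = ("Issuer", "AuthorizationEndpoint", "TokenEndpoint", "UserInfoEndpoint")

def lint_actions(actions, listener_protocol="HTTPS"):
    """Check one rule's Actions list against the constraints stated on this page."""
    findings = [f"invalid Type {a.get('Type')!r}"
                for a in actions if a.get("Type") not in TERMINAL | set(AUTH)]
    orders = [a.get("Order") for a in actions]
    if len(actions) > 1 and None in orders:
        findings.append("Order is required when a rule has multiple actions")
    if any(o is not None and not 1 <= o <= 50000 for o in orders):
        findings.append("Order must be between 1 and 50000")
    # Lowest Order runs first; a lone action without Order sorts as 0.
    ordered = sorted(actions, key=lambda a: a.get("Order") or 0)
    terminal = [a for a in ordered if a.get("Type") in TERMINAL]
    if len(terminal) != 1:
        findings.append("need exactly one forward, redirect or fixed-response action")
    elif ordered[-1] is not terminal[0]:
        findings.append("forward, redirect or fixed-response must be the last action")
    for a in ordered:
        key = AUTH.get(a.get("Type"))
        if key is None:
            continue
        cfg = a.get(key, {})
        if listener_protocol != "HTTPS":
            findings.append(f"{a['Type']} applies to HTTPS listeners only")
        # The default is "authenticate"; "allow" forwards the request unauthenticated.
        if cfg.get("OnUnauthenticatedRequest", "authenticate") == "allow":
            findings.append(f"{a['Type']}: unauthenticated requests reach the target")
        if len(cfg.get("AuthenticationRequestExtraParams", {})) > 10:
            findings.append(f"{a['Type']}: more than 10 extra query parameters")
        if a["Type"] == "authenticate-oidc":
            for field in OIDC_URLS:
                url = urlparse(cfg.get(field, ""))
                if url.scheme != "https" or not url.netloc:
                    findings.append(f"{field} must be a full HTTPS URL")
    return findings

# Constructed sample (placeholder values): forward is ordered before authentication.
SAMPLE = [
    {"Type": "forward", "Order": 1, "TargetGroupArn": "arn:placeholder"},
    {"Type": "authenticate-oidc", "Order": 2, "AuthenticateOidcConfig": {
        "Issuer": "http://idp.example.test", "OnUnauthenticatedRequest": "allow"}},
]
```

Running lint_actions(SAMPLE) reports the misordered forward action, the allow setting, and the four OIDC endpoints that are missing or not HTTPS.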
AvailabilityZone
Information about an Availability Zone.
Contents
LoadBalancerAddresses.member.N
[Network Load Balancers] If you need static IP addresses for your load balancer, you can specify one Elastic IP address per Availability Zone when you create an internal-facing load balancer. For internal load balancers, you can specify a private IP address from the IPv4 range of the subnet.
Type: Array of LoadBalancerAddress objects
Required: No
OutpostId
[Application Load Balancers on Outposts] The ID of the Outpost.
Type: String
Required: No
SubnetId
The ID of the subnet. You can specify one subnet per Availability Zone.
Type: String
Required: No
ZoneName
The name of the Availability Zone.
Type: String
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3