github.com/ves/terraform@v0.8.0-beta2/website/source/docs/providers/aws/r/load_balancer_policy.html.markdown (about) 1 --- 2 layout: "aws" 3 page_title: "AWS: aws_load_balancer_policy" 4 sidebar_current: "docs-aws-resource-load-balancer-policy" 5 description: |- 6 Provides a load balancer policy, which can be attached to an ELB listener or backend server. 7 --- 8 9 # aws\_elb\_load\_balancer\_policy 10 11 Provides a load balancer policy, which can be attached to an ELB listener or backend server. 12 13 ## Example Usage 14 15 ``` 16 resource "aws_elb" "wu-tang" { 17 name = "wu-tang" 18 availability_zones = ["us-east-1a"] 19 20 listener { 21 instance_port = 443 22 instance_protocol = "http" 23 lb_port = 443 24 lb_protocol = "https" 25 ssl_certificate_id = "arn:aws:iam::000000000000:server-certificate/wu-tang.net" 26 } 27 28 tags { 29 Name = "wu-tang" 30 } 31 } 32 33 resource "aws_load_balancer_policy" "wu-tang-ca-pubkey-policy" { 34 load_balancer_name = "${aws_elb.wu-tang.name}" 35 policy_name = "wu-tang-ca-pubkey-policy" 36 policy_type_name = "PublicKeyPolicyType" 37 policy_attribute = { 38 name = "PublicKey" 39 value = "${file("wu-tang-pubkey")}" 40 } 41 } 42 43 resource "aws_load_balancer_policy" "wu-tang-root-ca-backend-auth-policy" { 44 load_balancer_name = "${aws_elb.wu-tang.name}" 45 policy_name = "wu-tang-root-ca-backend-auth-policy" 46 policy_type_name = "BackendServerAuthenticationPolicyType" 47 policy_attribute = { 48 name = "PublicKeyPolicyName" 49 value = "${aws_load_balancer_policy.wu-tang-root-ca-pubkey-policy.policy_name}" 50 } 51 } 52 53 resource "aws_load_balancer_policy" "wu-tang-ssl" { 54 load_balancer_name = "${aws_elb.wu-tang.name}" 55 policy_name = "wu-tang-ssl" 56 policy_type_name = "SSLNegotiationPolicyType" 57 policy_attribute = { 58 name = "ECDHE-ECDSA-AES128-GCM-SHA256" 59 value = "true" 60 } 61 policy_attribute = { 62 name = "Protocol-TLSv1.2" 63 value = "true" 64 } 65 } 66 67 resource "aws_load_balancer_backend_server_policy" "wu-tang-backend-auth-policies-443" { 68 load_balancer_name = "${aws_elb.wu-tang.name}" 69 instance_port = 443 70 policy_names = [ 71 "${aws_load_balancer_policy.wu-tang-root-ca-backend-auth-policy.policy_name}" 72 ] 73 } 74 75 resource "aws_load_balancer_listener_policy" "wu-tang-listener-policies-443" { 76 load_balancer_name = "${aws_elb.wu-tang.name}" 77 load_balancer_port = 443 78 policy_names = [ 79 "${aws_load_balancer_policy.wu-tang-ssl.policy_name}" 80 ] 81 } 82 ``` 83 84 Where the file `pubkey` in the current directory contains only the _public key_ of the certificate. 85 86 ``` 87 cat wu-tang-ca.pem | openssl x509 -pubkey -noout | grep -v '\-\-\-\-' | tr -d '\n' > wu-tang-pubkey 88 ``` 89 90 This example shows how to enable backend authentication for an ELB as well as customize the TLS settings. 91 92 ## Argument Reference 93 94 The following arguments are supported: 95 96 * `load_balancer_name` - (Required) The load balancer on which the policy is defined. 97 * `policy_name` - (Required) The name of the load balancer policy. 98 * `policy_type_name` - (Required) The policy type. 99 * `policy_attribute` - (Optional) Policy attribute to apply to the policy. 100 101 ## Attributes Reference 102 103 The following attributes are exported: 104 105 * `id` - The ID of the policy. 106 * `policy_name` - The name of the stickiness policy. 107 * `policy_type_name` - The policy type of the policy. 108 * `load_balancer_name` - The load balancer on which the policy is defined.