AWS::ElasticLoadBalancingV2::ListenerRule - AWS CloudFormation
AWS 文档中描述的 AWS 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 AWS 服务入门

AWS::ElasticLoadBalancingV2::ListenerRule

指定侦听器规则。侦听器必须与 Application Load Balancer 关联。每条规则由优先级、一个或多个操作以及一个或多个条件组成。

语法

要在 AWS CloudFormation 模板中声明此实体,请使用以下语法:

JSON

{ "Type" : "AWS::ElasticLoadBalancingV2::ListenerRule", "Properties" : { "Actions" : [ Action, ... ], "Conditions" : [ RuleCondition, ... ], "ListenerArn" : String, "Priority" : Integer } }

YAML

Type: AWS::ElasticLoadBalancingV2::ListenerRule Properties: Actions: - Action Conditions: - RuleCondition ListenerArn: String Priority: Integer

属性

Actions

操作。

规则必须只包含以下类型的操作之一:forwardfixed-responseredirect,并且它必须为要执行的最后一个操作。如果规则适用于 HTTPS 侦听器,则它还可以选择性地包含身份验证操作。

必需:是

类型操作的列表

Update requires: No interruption

Conditions

条件。

规则可以有选择地最多包含以下条件之一:http-request-methodhost-headerpath-patternsource-ip。规则还可以有选择地包含以下每个条件中的一个或多个:http-headerquery-string

必需:是

类型RuleCondition 的列表

Update requires: No interruption

ListenerArn

侦听器的 Amazon 资源名称 (ARN)。

必需:是

类型:字符串

Update requires: Replacement

Priority

规则优先级。侦听器不能具有优先级相同的多个规则。

如果您尝试通过更新规则的优先级对规则重新排序,则勿在现有规则已使用新优先级的情况下,指定此优先级,因为这可能会导致错误。如果需要将优先级重用于其他规则,则必须先将此优先级删除,然后在后续更新中指定它。

必需:是

类型:整数

最低1

最高50000

Update requires: No interruption

返回值

Ref

在将此资源的逻辑 ID 传递给内部 Ref 函数时,Ref 返回侦听器规则的 Amazon 资源名称 (ARN)。

For more information about using the Ref function, see Ref.

示例

HTTP 标头规则示例

YAML

Parameters: CidrBlockForVPC: Default: 187.0.0.0/24 Description: CidrBlockForVPC Type: String CidrBlockForSubnet1: Default: 187.0.0.0/25 Description: Cidr Block For Subnet1 Type: String CidrBlockForSubnet2: Default: 187.0.0.128/25 Description: Cidr Block For Subnet2 Type: String AvailabilityZoneForSubnet1: Default: us-east-1c Description: AvailabilityZone For Subnet1 Type: String AvailabilityZoneForSubnet2: Default: us-east-1b Description: AvailabilityZone For Subnet2 Type: String Resources: VPC: Type: 'AWS::EC2::VPC' Properties: CidrBlock: !Ref CidrBlockForVPC Subnet1: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref VPC AvailabilityZone: !Ref AvailabilityZoneForSubnet1 CidrBlock: !Ref CidrBlockForSubnet1 Subnet2: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref VPC AvailabilityZone: !Ref AvailabilityZoneForSubnet2 CidrBlock: !Ref CidrBlockForSubnet2 LoadBalancer: Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer' Properties: Scheme: internal Subnets: - !Ref Subnet1 - !Ref Subnet2 TargetGroup1: Type: 'AWS::ElasticLoadBalancingV2::TargetGroup' Properties: Port: 1000 Protocol: HTTP VpcId: !Ref VPC TargetGroup2: Type: 'AWS::ElasticLoadBalancingV2::TargetGroup' Properties: Port: 2000 Protocol: HTTP VpcId: !Ref VPC ListenerRule1: Type: 'AWS::ElasticLoadBalancingV2::ListenerRule' Properties: Actions: - Type: forward TargetGroupArn: !Ref TargetGroup1 Conditions: - Field: http-header HttpHeaderConfig: HttpHeaderName: User-Agent Values: - Mozilla - Field: http-header HttpHeaderConfig: HttpHeaderName: Referer Values: - 'https://www.amazon.com/' ListenerArn: !Ref Listener Priority: 1 ListenerRule2: Type: 'AWS::ElasticLoadBalancingV2::ListenerRule' Properties: Actions: - Type: forward TargetGroupArn: !Ref TargetGroup2 Conditions: - Field: http-header HttpHeaderConfig: HttpHeaderName: User-Agent Values: - Chrome ListenerArn: !Ref Listener Priority: 2 Listener: Type: 'AWS::ElasticLoadBalancingV2::Listener' Properties: DefaultActions: - Type: forward TargetGroupArn: !Ref TargetGroup1 LoadBalancerArn: !Ref LoadBalancer Port: '8000' Protocol: HTTP LoadBalancerAlarm: Type: 'AWS::CloudWatch::Alarm' Properties: Namespace: AWS/ApplicationELB Dimensions: - Name: LoadBalancer Value: !GetAtt - LoadBalancer - LoadBalancerFullName - Name: TargetGroup Value: !GetAtt - TargetGroup1 - TargetGroupFullName MetricName: UnHealthyHostCount Period: 60 Statistic: Average ComparisonOperator: GreaterThanThreshold Threshold: 0 EvaluationPeriods: 1 Outputs: LoadBalancer: Value: !Ref LoadBalancer TargetGroup1: Value: !Ref TargetGroup1 TargetGroup2: Value: !Ref TargetGroup2 ListenerArn: Value: !Ref Listener ListenerRule1Arn: Value: !Ref ListenerRule1 ListenerRule2Arn: Value: !Ref ListenerRule2 LoadBalancersAssociatedWithTargetGroup1: Description: LoadBalancers associated with TargetGroup Value: !Select - '0' - !GetAtt - TargetGroup1 - LoadBalancerArns LoadBalancersAssociatedWithTargetGroup2: Description: LoadBalancers associated with TargetGroup Value: !Select - '0' - !GetAtt - TargetGroup2 - LoadBalancerArns TargetGroupFullName1: Description: FullName of TargetGroup1 Value: !GetAtt - TargetGroup1 - TargetGroupFullName TargetGroupFullName2: Description: FullName of TargetGroup2 Value: !GetAtt - TargetGroup2 - TargetGroupFullName

JSON

{ "Parameters": { "CidrBlockForVPC" : { "Default" : "187.0.0.0/24", "Description" : "CidrBlockForVPC", "Type" : "String" }, "CidrBlockForSubnet1" : { "Default" : "187.0.0.0/25", "Description" : "Cidr Block For Subnet1", "Type" : "String" }, "CidrBlockForSubnet2" : { "Default" : "187.0.0.128/25", "Description" : "Cidr Block For Subnet2", "Type" : "String" }, "AvailabilityZoneForSubnet1" : { "Default" : "us-east-1c", "Description" : "AvailabilityZone For Subnet1", "Type" : "String" }, "AvailabilityZoneForSubnet2" : { "Default" : "us-east-1b", "Description" : "AvailabilityZone For Subnet2", "Type" : "String" } }, "Resources": { "VPC": { "Type": "AWS::EC2::VPC", "Properties": { "CidrBlock": {"Ref" : "CidrBlockForVPC"} } }, "Subnet1": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId" : { "Ref" : "VPC" }, "AvailabilityZone": { "Ref": "AvailabilityZoneForSubnet1" }, "CidrBlock": {"Ref" : "CidrBlockForSubnet1"} } }, "Subnet2": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId" : { "Ref" : "VPC" }, "AvailabilityZone": { "Ref": "AvailabilityZoneForSubnet2" }, "CidrBlock": {"Ref" : "CidrBlockForSubnet2"} } }, "LoadBalancer" : { "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { "Scheme" : "internal", "Subnets" : [ {"Ref": "Subnet1"}, {"Ref" : "Subnet2"} ] } }, "TargetGroup1" : { "Type" : "AWS::ElasticLoadBalancingV2::TargetGroup", "Properties" : { "Port": 1000, "Protocol": "HTTP", "VpcId": { "Ref" : "VPC" } } }, "TargetGroup2" : { "Type" : "AWS::ElasticLoadBalancingV2::TargetGroup", "Properties" : { "Port": 2000, "Protocol": "HTTP", "VpcId": { "Ref" : "VPC" } } }, "ListenerRule1": { "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", "Properties": { "Actions": [{ "Type": "forward", "TargetGroupArn": { "Ref": "TargetGroup1" } }], "Conditions": [{ "Field": "http-header", "HttpHeaderConfig": { "HttpHeaderName": "User-Agent", "Values": ["Mozilla"] } }, { "Field": "http-header", "HttpHeaderConfig": { "HttpHeaderName": "Referer", "Values": ["https://www.amazon.com/"] } }], "ListenerArn": { "Ref": "Listener" }, "Priority": 1 } }, "ListenerRule2": { "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", "Properties": { "Actions": [{ "Type": "forward", "TargetGroupArn": { "Ref": "TargetGroup2" } }], "Conditions": [{ "Field": "http-header", "HttpHeaderConfig": { "HttpHeaderName": "User-Agent", "Values": ["Chrome"] } }], "ListenerArn": { "Ref": "Listener" }, "Priority": 2 } }, "Listener": { "Type": "AWS::ElasticLoadBalancingV2::Listener", "Properties": { "DefaultActions": [{ "Type": "forward", "TargetGroupArn": { "Ref": "TargetGroup1" } }], "LoadBalancerArn": { "Ref": "LoadBalancer" }, "Port": "8000", "Protocol": "HTTP" } }, "LoadBalancerAlarm": { "Type": "AWS::CloudWatch::Alarm", "Properties": { "Namespace": "AWS/ApplicationELB", "Dimensions": [ { "Name": "LoadBalancer", "Value": {"Fn::GetAtt" : ["LoadBalancer", "LoadBalancerFullName"]} }, { "Name": "TargetGroup", "Value": {"Fn::GetAtt" : ["TargetGroup1", "TargetGroupFullName"]} } ], "MetricName": "UnHealthyHostCount", "Period": 60, "Statistic": "Average", "ComparisonOperator": "GreaterThanThreshold", "Threshold": 0, "EvaluationPeriods": 1 } } }, "Outputs": { "LoadBalancer": { "Value": { "Ref": "LoadBalancer" } }, "TargetGroup1": { "Value": { "Ref": "TargetGroup1" } }, "TargetGroup2": { "Value": { "Ref": "TargetGroup2" } }, "ListenerArn": { "Value": { "Ref": "Listener" } }, "ListenerRule1Arn": { "Value": { "Ref": "ListenerRule1" } }, "ListenerRule2Arn": { "Value": { "Ref": "ListenerRule2" } }, "LoadBalancersAssociatedWithTargetGroup1" : { "Description" : "LoadBalancers associated with TargetGroup", "Value" : { "Fn::Select" : [ "0", { "Fn::GetAtt" : ["TargetGroup1", "LoadBalancerArns"] } ] } }, "LoadBalancersAssociatedWithTargetGroup2" : { "Description" : "LoadBalancers associated with TargetGroup", "Value" : { "Fn::Select" : [ "0", { "Fn::GetAtt" : ["TargetGroup2", "LoadBalancerArns"] } ] } }, "TargetGroupFullName1" : { "Description" : "FullName of TargetGroup1", "Value" : {"Fn::GetAtt" : ["TargetGroup1", "TargetGroupFullName"]} }, "TargetGroupFullName2" : { "Description" : "FullName of TargetGroup2", "Value" : {"Fn::GetAtt" : ["TargetGroup2", "TargetGroupFullName"]} } } }

HTTP 请求方法规则示例

YAML

Parameters: CidrBlockForVPC: Default: 187.0.0.0/24 Description: CidrBlockForVPC Type: String CidrBlockForSubnet1: Default: 187.0.0.0/25 Description: Cidr Block For Subnet1 Type: String CidrBlockForSubnet2: Default: 187.0.0.128/25 Description: Cidr Block For Subnet2 Type: String AvailabilityZoneForSubnet1: Default: us-east-1c Description: AvailabilityZone For Subnet1 Type: String AvailabilityZoneForSubnet2: Default: us-east-1b Description: AvailabilityZone For Subnet2 Type: String Resources: VPC: Type: 'AWS::EC2::VPC' Properties: CidrBlock: !Ref CidrBlockForVPC Subnet1: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref VPC AvailabilityZone: !Ref AvailabilityZoneForSubnet1 CidrBlock: !Ref CidrBlockForSubnet1 Subnet2: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref VPC AvailabilityZone: !Ref AvailabilityZoneForSubnet2 CidrBlock: !Ref CidrBlockForSubnet2 LoadBalancer: Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer' Properties: Scheme: internal Subnets: - !Ref Subnet1 - !Ref Subnet2 TargetGroup1: Type: 'AWS::ElasticLoadBalancingV2::TargetGroup' Properties: Port: 1000 Protocol: HTTP VpcId: !Ref VPC TargetGroup2: Type: 'AWS::ElasticLoadBalancingV2::TargetGroup' Properties: Port: 2000 Protocol: HTTP VpcId: !Ref VPC ListenerRule1: Type: 'AWS::ElasticLoadBalancingV2::ListenerRule' Properties: Actions: - Type: forward TargetGroupArn: !Ref TargetGroup1 Conditions: - Field: http-request-method HttpRequestMethodConfig: Values: - GET_OR_HEAD ListenerArn: !Ref Listener Priority: 1 ListenerRule2: Type: 'AWS::ElasticLoadBalancingV2::ListenerRule' Properties: Actions: - Type: forward TargetGroupArn: !Ref TargetGroup2 Conditions: - Field: http-request-method HttpRequestMethodConfig: Values: - POST ListenerArn: !Ref Listener Priority: 2 Listener: Type: 'AWS::ElasticLoadBalancingV2::Listener' Properties: DefaultActions: - Type: forward TargetGroupArn: !Ref TargetGroup1 LoadBalancerArn: !Ref LoadBalancer Port: '8000' Protocol: HTTP LoadBalancerAlarm: Type: 'AWS::CloudWatch::Alarm' Properties: Namespace: AWS/ApplicationELB Dimensions: - Name: LoadBalancer Value: !GetAtt - LoadBalancer - LoadBalancerFullName - Name: TargetGroup Value: !GetAtt - TargetGroup1 - TargetGroupFullName MetricName: UnHealthyHostCount Period: 60 Statistic: Average ComparisonOperator: GreaterThanThreshold Threshold: 0 EvaluationPeriods: 1 Outputs: LoadBalancer: Value: !Ref LoadBalancer TargetGroup1: Value: !Ref TargetGroup1 TargetGroup2: Value: !Ref TargetGroup2 ListenerArn: Value: !Ref Listener ListenerRule1Arn: Value: !Ref ListenerRule1 ListenerRule2Arn: Value: !Ref ListenerRule2 LoadBalancersAssociatedWithTargetGroup1: Description: LoadBalancers associated with TargetGroup Value: !Select - '0' - !GetAtt - TargetGroup1 - LoadBalancerArns LoadBalancersAssociatedWithTargetGroup2: Description: LoadBalancers associated with TargetGroup Value: !Select - '0' - !GetAtt - TargetGroup2 - LoadBalancerArns TargetGroupFullName1: Description: FullName of TargetGroup1 Value: !GetAtt - TargetGroup1 - TargetGroupFullName TargetGroupFullName2: Description: FullName of TargetGroup2 Value: !GetAtt - TargetGroup2 - TargetGroupFullName

JSON

{ "Parameters": { "CidrBlockForVPC" : { "Default" : "187.0.0.0/24", "Description" : "CidrBlockForVPC", "Type" : "String" }, "CidrBlockForSubnet1" : { "Default" : "187.0.0.0/25", "Description" : "Cidr Block For Subnet1", "Type" : "String" }, "CidrBlockForSubnet2" : { "Default" : "187.0.0.128/25", "Description" : "Cidr Block For Subnet2", "Type" : "String" }, "AvailabilityZoneForSubnet1" : { "Default" : "us-east-1c", "Description" : "AvailabilityZone For Subnet1", "Type" : "String" }, "AvailabilityZoneForSubnet2" : { "Default" : "us-east-1b", "Description" : "AvailabilityZone For Subnet2", "Type" : "String" } }, "Resources": { "VPC": { "Type": "AWS::EC2::VPC", "Properties": { "CidrBlock": {"Ref" : "CidrBlockForVPC"} } }, "Subnet1": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId" : { "Ref" : "VPC" }, "AvailabilityZone": { "Ref": "AvailabilityZoneForSubnet1" }, "CidrBlock": {"Ref" : "CidrBlockForSubnet1"} } }, "Subnet2": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId" : { "Ref" : "VPC" }, "AvailabilityZone": { "Ref": "AvailabilityZoneForSubnet2" }, "CidrBlock": {"Ref" : "CidrBlockForSubnet2"} } }, "LoadBalancer" : { "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { "Scheme" : "internal", "Subnets" : [ {"Ref": "Subnet1"}, {"Ref" : "Subnet2"} ] } }, "TargetGroup1" : { "Type" : "AWS::ElasticLoadBalancingV2::TargetGroup", "Properties" : { "Port": 1000, "Protocol": "HTTP", "VpcId": { "Ref" : "VPC" } } }, "TargetGroup2" : { "Type" : "AWS::ElasticLoadBalancingV2::TargetGroup", "Properties" : { "Port": 2000, "Protocol": "HTTP", "VpcId": { "Ref" : "VPC" } } }, "ListenerRule1": { "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", "Properties": { "Actions": [{ "Type": "forward", "TargetGroupArn": { "Ref": "TargetGroup1" } }], "Conditions": [{ "Field": "http-request-method", "HttpRequestMethodConfig": { "Values": ["GET_OR_HEAD"] } }], "ListenerArn": { "Ref": "Listener" }, "Priority": 1 } }, "ListenerRule2": { "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", "Properties": { "Actions": [{ "Type": "forward", "TargetGroupArn": { "Ref": "TargetGroup2" } }], "Conditions": [{ "Field": "http-request-method", "HttpRequestMethodConfig": { "Values": ["POST"] } }], "ListenerArn": { "Ref": "Listener" }, "Priority": 2 } }, "Listener": { "Type": "AWS::ElasticLoadBalancingV2::Listener", "Properties": { "DefaultActions": [{ "Type": "forward", "TargetGroupArn": { "Ref": "TargetGroup1" } }], "LoadBalancerArn": { "Ref": "LoadBalancer" }, "Port": "8000", "Protocol": "HTTP" } }, "LoadBalancerAlarm": { "Type": "AWS::CloudWatch::Alarm", "Properties": { "Namespace": "AWS/ApplicationELB", "Dimensions": [ { "Name": "LoadBalancer", "Value": {"Fn::GetAtt" : ["LoadBalancer", "LoadBalancerFullName"]} }, { "Name": "TargetGroup", "Value": {"Fn::GetAtt" : ["TargetGroup1", "TargetGroupFullName"]} } ], "MetricName": "UnHealthyHostCount", "Period": 60, "Statistic": "Average", "ComparisonOperator": "GreaterThanThreshold", "Threshold": 0, "EvaluationPeriods": 1 } } }, "Outputs": { "LoadBalancer": { "Value": { "Ref": "LoadBalancer" } }, "TargetGroup1": { "Value": { "Ref": "TargetGroup1" } }, "TargetGroup2": { "Value": { "Ref": "TargetGroup2" } }, "ListenerArn": { "Value": { "Ref": "Listener" } }, "ListenerRule1Arn": { "Value": { "Ref": "ListenerRule1" } }, "ListenerRule2Arn": { "Value": { "Ref": "ListenerRule2" } }, "LoadBalancersAssociatedWithTargetGroup1" : { "Description" : "LoadBalancers associated with TargetGroup", "Value" : { "Fn::Select" : [ "0", { "Fn::GetAtt" : ["TargetGroup1", "LoadBalancerArns"] } ] } }, "LoadBalancersAssociatedWithTargetGroup2" : { "Description" : "LoadBalancers associated with TargetGroup", "Value" : { "Fn::Select" : [ "0", { "Fn::GetAtt" : ["TargetGroup2", "LoadBalancerArns"] } ] } }, "TargetGroupFullName1" : { "Description" : "FullName of TargetGroup1", "Value" : {"Fn::GetAtt" : ["TargetGroup1", "TargetGroupFullName"]} }, "TargetGroupFullName2" : { "Description" : "FullName of TargetGroup2", "Value" : {"Fn::GetAtt" : ["TargetGroup2", "TargetGroupFullName"]} } } }

查询字符串规则示例

YAML

Parameters: CidrBlockForVPC: Default: 187.0.0.0/24 Description: CidrBlockForVPC Type: String CidrBlockForSubnet1: Default: 187.0.0.0/25 Description: Cidr Block For Subnet1 Type: String CidrBlockForSubnet2: Default: 187.0.0.128/25 Description: Cidr Block For Subnet2 Type: String AvailabilityZoneForSubnet1: Default: us-east-1c Description: AvailabilityZone For Subnet1 Type: String AvailabilityZoneForSubnet2: Default: us-east-1b Description: AvailabilityZone For Subnet2 Type: String Resources: VPC: Type: 'AWS::EC2::VPC' Properties: CidrBlock: !Ref CidrBlockForVPC Subnet1: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref VPC AvailabilityZone: !Ref AvailabilityZoneForSubnet1 CidrBlock: !Ref CidrBlockForSubnet1 Subnet2: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref VPC AvailabilityZone: !Ref AvailabilityZoneForSubnet2 CidrBlock: !Ref CidrBlockForSubnet2 LoadBalancer: Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer' Properties: Scheme: internal Subnets: - !Ref Subnet1 - !Ref Subnet2 TargetGroup1: Type: 'AWS::ElasticLoadBalancingV2::TargetGroup' Properties: Port: 1000 Protocol: HTTP VpcId: !Ref VPC TargetGroup2: Type: 'AWS::ElasticLoadBalancingV2::TargetGroup' Properties: Port: 2000 Protocol: HTTP VpcId: !Ref VPC ListenerRule1: Type: 'AWS::ElasticLoadBalancingV2::ListenerRule' Properties: Actions: - Type: forward TargetGroupArn: !Ref TargetGroup1 Conditions: - Field: query-string QueryStringConfig: Values: - Key: Foo Value: Bar - Field: query-string QueryStringConfig: Values: - Key: Bar Value: Xyz ListenerArn: !Ref Listener Priority: 1 ListenerRule2: Type: 'AWS::ElasticLoadBalancingV2::ListenerRule' Properties: Actions: - Type: forward TargetGroupArn: !Ref TargetGroup2 Conditions: - Field: query-string QueryStringConfig: Values: - Key: Foo Value: Baz ListenerArn: !Ref Listener Priority: 2 Listener: Type: 'AWS::ElasticLoadBalancingV2::Listener' Properties: DefaultActions: - Type: forward TargetGroupArn: !Ref TargetGroup1 LoadBalancerArn: !Ref LoadBalancer Port: '8000' Protocol: HTTP LoadBalancerAlarm: Type: 'AWS::CloudWatch::Alarm' Properties: Namespace: AWS/ApplicationELB Dimensions: - Name: LoadBalancer Value: !GetAtt - LoadBalancer - LoadBalancerFullName - Name: TargetGroup Value: !GetAtt - TargetGroup1 - TargetGroupFullName MetricName: UnHealthyHostCount Period: 60 Statistic: Average ComparisonOperator: GreaterThanThreshold Threshold: 0 EvaluationPeriods: 1 Outputs: LoadBalancer: Value: !Ref LoadBalancer TargetGroup1: Value: !Ref TargetGroup1 TargetGroup2: Value: !Ref TargetGroup2 ListenerArn: Value: !Ref Listener ListenerRule1Arn: Value: !Ref ListenerRule1 ListenerRule2Arn: Value: !Ref ListenerRule2 LoadBalancersAssociatedWithTargetGroup1: Description: LoadBalancers associated with TargetGroup Value: !Select - '0' - !GetAtt - TargetGroup1 - LoadBalancerArns LoadBalancersAssociatedWithTargetGroup2: Description: LoadBalancers associated with TargetGroup Value: !Select - '0' - !GetAtt - TargetGroup2 - LoadBalancerArns TargetGroupFullName1: Description: FullName of TargetGroup1 Value: !GetAtt - TargetGroup1 - TargetGroupFullName TargetGroupFullName2: Description: FullName of TargetGroup2 Value: !GetAtt - TargetGroup2 - TargetGroupFullName

JSON

{ "Parameters": { "CidrBlockForVPC" : { "Default" : "187.0.0.0/24", "Description" : "CidrBlockForVPC", "Type" : "String" }, "CidrBlockForSubnet1" : { "Default" : "187.0.0.0/25", "Description" : "Cidr Block For Subnet1", "Type" : "String" }, "CidrBlockForSubnet2" : { "Default" : "187.0.0.128/25", "Description" : "Cidr Block For Subnet2", "Type" : "String" }, "AvailabilityZoneForSubnet1" : { "Default" : "us-east-1c", "Description" : "AvailabilityZone For Subnet1", "Type" : "String" }, "AvailabilityZoneForSubnet2" : { "Default" : "us-east-1b", "Description" : "AvailabilityZone For Subnet2", "Type" : "String" } }, "Resources": { "VPC": { "Type": "AWS::EC2::VPC", "Properties": { "CidrBlock": {"Ref" : "CidrBlockForVPC"} } }, "Subnet1": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId" : { "Ref" : "VPC" }, "AvailabilityZone": { "Ref": "AvailabilityZoneForSubnet1" }, "CidrBlock": {"Ref" : "CidrBlockForSubnet1"} } }, "Subnet2": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId" : { "Ref" : "VPC" }, "AvailabilityZone": { "Ref": "AvailabilityZoneForSubnet2" }, "CidrBlock": {"Ref" : "CidrBlockForSubnet2"} } }, "LoadBalancer" : { "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { "Scheme" : "internal", "Subnets" : [ {"Ref": "Subnet1"}, {"Ref" : "Subnet2"} ] } }, "TargetGroup1" : { "Type" : "AWS::ElasticLoadBalancingV2::TargetGroup", "Properties" : { "Port": 1000, "Protocol": "HTTP", "VpcId": { "Ref" : "VPC" } } }, "TargetGroup2" : { "Type" : "AWS::ElasticLoadBalancingV2::TargetGroup", "Properties" : { "Port": 2000, "Protocol": "HTTP", "VpcId": { "Ref" : "VPC" } } }, "ListenerRule1": { "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", "Properties": { "Actions": [{ "Type": "forward", "TargetGroupArn": { "Ref": "TargetGroup1" } }], "Conditions": [{ "Field": "query-string", "QueryStringConfig": { "Values": [{ "Key": "Foo", "Value": "Bar" }] } }, { "Field": "query-string", "QueryStringConfig": { "Values": [{ "Key": "Bar", "Value": "Xyz" }] } }], "ListenerArn": { "Ref": "Listener" }, "Priority": 1 } }, "ListenerRule2": { "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", "Properties": { "Actions": [{ "Type": "forward", "TargetGroupArn": { "Ref": "TargetGroup2" } }], "Conditions": [{ "Field": "query-string", "QueryStringConfig": { "Values": [{ "Key": "Foo", "Value": "Baz" }] } }], "ListenerArn": { "Ref": "Listener" }, "Priority": 2 } }, "Listener": { "Type": "AWS::ElasticLoadBalancingV2::Listener", "Properties": { "DefaultActions": [{ "Type": "forward", "TargetGroupArn": { "Ref": "TargetGroup1" } }], "LoadBalancerArn": { "Ref": "LoadBalancer" }, "Port": "8000", "Protocol": "HTTP" } }, "LoadBalancerAlarm": { "Type": "AWS::CloudWatch::Alarm", "Properties": { "Namespace": "AWS/ApplicationELB", "Dimensions": [ { "Name": "LoadBalancer", "Value": {"Fn::GetAtt" : ["LoadBalancer", "LoadBalancerFullName"]} }, { "Name": "TargetGroup", "Value": {"Fn::GetAtt" : ["TargetGroup1", "TargetGroupFullName"]} } ], "MetricName": "UnHealthyHostCount", "Period": 60, "Statistic": "Average", "ComparisonOperator": "GreaterThanThreshold", "Threshold": 0, "EvaluationPeriods": 1 } } }, "Outputs": { "LoadBalancer": { "Value": { "Ref": "LoadBalancer" } }, "TargetGroup1": { "Value": { "Ref": "TargetGroup1" } }, "TargetGroup2": { "Value": { "Ref": "TargetGroup2" } }, "ListenerArn": { "Value": { "Ref": "Listener" } }, "ListenerRule1Arn": { "Value": { "Ref": "ListenerRule1" } }, "ListenerRule2Arn": { "Value": { "Ref": "ListenerRule2" } }, "LoadBalancersAssociatedWithTargetGroup1" : { "Description" : "LoadBalancers associated with TargetGroup", "Value" : { "Fn::Select" : [ "0", { "Fn::GetAtt" : ["TargetGroup1", "LoadBalancerArns"] } ] } }, "LoadBalancersAssociatedWithTargetGroup2" : { "Description" : "LoadBalancers associated with TargetGroup", "Value" : { "Fn::Select" : [ "0", { "Fn::GetAtt" : ["TargetGroup2", "LoadBalancerArns"] } ] } }, "TargetGroupFullName1" : { "Description" : "FullName of TargetGroup1", "Value" : {"Fn::GetAtt" : ["TargetGroup1", "TargetGroupFullName"]} }, "TargetGroupFullName2" : { "Description" : "FullName of TargetGroup2", "Value" : {"Fn::GetAtt" : ["TargetGroup2", "TargetGroupFullName"]} } } }

源 IP 规则示例

YAML

Parameters: CidrBlockForVPC: Default: 187.0.0.0/24 Description: CidrBlockForVPC Type: String CidrBlockForSubnet1: Default: 187.0.0.0/25 Description: Cidr Block For Subnet1 Type: String CidrBlockForSubnet2: Default: 187.0.0.128/25 Description: Cidr Block For Subnet2 Type: String AvailabilityZoneForSubnet1: Default: us-east-1c Description: AvailabilityZone For Subnet1 Type: String AvailabilityZoneForSubnet2: Default: us-east-1b Description: AvailabilityZone For Subnet2 Type: String Resources: VPC: Type: 'AWS::EC2::VPC' Properties: CidrBlock: !Ref CidrBlockForVPC Subnet1: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref VPC AvailabilityZone: !Ref AvailabilityZoneForSubnet1 CidrBlock: !Ref CidrBlockForSubnet1 Subnet2: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref VPC AvailabilityZone: !Ref AvailabilityZoneForSubnet2 CidrBlock: !Ref CidrBlockForSubnet2 LoadBalancer: Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer' Properties: Scheme: internal Subnets: - !Ref Subnet1 - !Ref Subnet2 TargetGroup1: Type: 'AWS::ElasticLoadBalancingV2::TargetGroup' Properties: Port: 1000 Protocol: HTTP VpcId: !Ref VPC TargetGroup2: Type: 'AWS::ElasticLoadBalancingV2::TargetGroup' Properties: Port: 2000 Protocol: HTTP VpcId: !Ref VPC ListenerRule1: Type: 'AWS::ElasticLoadBalancingV2::ListenerRule' Properties: Actions: - Type: forward TargetGroupArn: !Ref TargetGroup1 Conditions: - Field: source-ip SourceIpConfig: Values: - 172.0.0.0/8 ListenerArn: !Ref Listener Priority: 1 ListenerRule2: Type: 'AWS::ElasticLoadBalancingV2::ListenerRule' Properties: Actions: - Type: forward TargetGroupArn: !Ref TargetGroup2 Conditions: - Field: source-ip SourceIpConfig: Values: - 192.168.0.0/16 ListenerArn: !Ref Listener Priority: 2 Listener: Type: 'AWS::ElasticLoadBalancingV2::Listener' Properties: DefaultActions: - Type: forward TargetGroupArn: !Ref TargetGroup1 LoadBalancerArn: !Ref LoadBalancer Port: '8000' Protocol: HTTP LoadBalancerAlarm: Type: 'AWS::CloudWatch::Alarm' Properties: Namespace: AWS/ApplicationELB Dimensions: - Name: LoadBalancer Value: !GetAtt - LoadBalancer - LoadBalancerFullName - Name: TargetGroup Value: !GetAtt - TargetGroup1 - TargetGroupFullName MetricName: UnHealthyHostCount Period: 60 Statistic: Average ComparisonOperator: GreaterThanThreshold Threshold: 0 EvaluationPeriods: 1 Outputs: LoadBalancer: Value: !Ref LoadBalancer TargetGroup1: Value: !Ref TargetGroup1 TargetGroup2: Value: !Ref TargetGroup2 ListenerArn: Value: !Ref Listener ListenerRule1Arn: Value: !Ref ListenerRule1 ListenerRule2Arn: Value: !Ref ListenerRule2 LoadBalancersAssociatedWithTargetGroup1: Description: LoadBalancers associated with TargetGroup Value: !Select - '0' - !GetAtt - TargetGroup1 - LoadBalancerArns LoadBalancersAssociatedWithTargetGroup2: Description: LoadBalancers associated with TargetGroup Value: !Select - '0' - !GetAtt - TargetGroup2 - LoadBalancerArns TargetGroupFullName1: Description: FullName of TargetGroup1 Value: !GetAtt - TargetGroup1 - TargetGroupFullName TargetGroupFullName2: Description: FullName of TargetGroup2 Value: !GetAtt - TargetGroup2 - TargetGroupFullName

JSON

{ "Parameters": { "CidrBlockForVPC" : { "Default" : "187.0.0.0/24", "Description" : "CidrBlockForVPC", "Type" : "String" }, "CidrBlockForSubnet1" : { "Default" : "187.0.0.0/25", "Description" : "Cidr Block For Subnet1", "Type" : "String" }, "CidrBlockForSubnet2" : { "Default" : "187.0.0.128/25", "Description" : "Cidr Block For Subnet2", "Type" : "String" }, "AvailabilityZoneForSubnet1" : { "Default" : "us-east-1c", "Description" : "AvailabilityZone For Subnet1", "Type" : "String" }, "AvailabilityZoneForSubnet2" : { "Default" : "us-east-1b", "Description" : "AvailabilityZone For Subnet2", "Type" : "String" } }, "Resources": { "VPC": { "Type": "AWS::EC2::VPC", "Properties": { "CidrBlock": {"Ref" : "CidrBlockForVPC"} } }, "Subnet1": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId" : { "Ref" : "VPC" }, "AvailabilityZone": { "Ref": "AvailabilityZoneForSubnet1" }, "CidrBlock": {"Ref" : "CidrBlockForSubnet1"} } }, "Subnet2": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId" : { "Ref" : "VPC" }, "AvailabilityZone": { "Ref": "AvailabilityZoneForSubnet2" }, "CidrBlock": {"Ref" : "CidrBlockForSubnet2"} } }, "LoadBalancer" : { "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { "Scheme" : "internal", "Subnets" : [ {"Ref": "Subnet1"}, {"Ref" : "Subnet2"} ] } }, "TargetGroup1" : { "Type" : "AWS::ElasticLoadBalancingV2::TargetGroup", "Properties" : { "Port": 1000, "Protocol": "HTTP", "VpcId": { "Ref" : "VPC" } } }, "TargetGroup2" : { "Type" : "AWS::ElasticLoadBalancingV2::TargetGroup", "Properties" : { "Port": 2000, "Protocol": "HTTP", "VpcId": { "Ref" : "VPC" } } }, "ListenerRule1": { "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", "Properties": { "Actions": [{ "Type": "forward", "TargetGroupArn": { "Ref": "TargetGroup1" } }], "Conditions": [{ "Field": "source-ip", "SourceIpConfig": { "Values": ["172.0.0.0/8"] } }], "ListenerArn": { "Ref": "Listener" }, "Priority": 1 } }, "ListenerRule2": { "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", "Properties": { "Actions": [{ "Type": "forward", "TargetGroupArn": { "Ref": "TargetGroup2" } }], "Conditions": [{ "Field": "source-ip", "SourceIpConfig": { "Values": ["192.168.0.0/16"] } }], "ListenerArn": { "Ref": "Listener" }, "Priority": 2 } }, "Listener": { "Type": "AWS::ElasticLoadBalancingV2::Listener", "Properties": { "DefaultActions": [{ "Type": "forward", "TargetGroupArn": { "Ref": "TargetGroup1" } }], "LoadBalancerArn": { "Ref": "LoadBalancer" }, "Port": "8000", "Protocol": "HTTP" } }, "LoadBalancerAlarm": { "Type": "AWS::CloudWatch::Alarm", "Properties": { "Namespace": "AWS/ApplicationELB", "Dimensions": [ { "Name": "LoadBalancer", "Value": {"Fn::GetAtt" : ["LoadBalancer", "LoadBalancerFullName"]} }, { "Name": "TargetGroup", "Value": {"Fn::GetAtt" : ["TargetGroup1", "TargetGroupFullName"]} } ], "MetricName": "UnHealthyHostCount", "Period": 60, "Statistic": "Average", "ComparisonOperator": "GreaterThanThreshold", "Threshold": 0, "EvaluationPeriods": 1 } } }, "Outputs": { "LoadBalancer": { "Value": { "Ref": "LoadBalancer" } }, "TargetGroup1": { "Value": { "Ref": "TargetGroup1" } }, "TargetGroup2": { "Value": { "Ref": "TargetGroup2" } }, "ListenerArn": { "Value": { "Ref": "Listener" } }, "ListenerRule1Arn": { "Value": { "Ref": "ListenerRule1" } }, "ListenerRule2Arn": { "Value": { "Ref": "ListenerRule2" } }, "LoadBalancersAssociatedWithTargetGroup1" : { "Description" : "LoadBalancers associated with TargetGroup", "Value" : { "Fn::Select" : [ "0", { "Fn::GetAtt" : ["TargetGroup1", "LoadBalancerArns"] } ] } }, "LoadBalancersAssociatedWithTargetGroup2" : { "Description" : "LoadBalancers associated with TargetGroup", "Value" : { "Fn::Select" : [ "0", { "Fn::GetAtt" : ["TargetGroup2", "LoadBalancerArns"] } ] } }, "TargetGroupFullName1" : { "Description" : "FullName of TargetGroup1", "Value" : {"Fn::GetAtt" : ["TargetGroup1", "TargetGroupFullName"]} }, "TargetGroupFullName2" : { "Description" : "FullName of TargetGroup2", "Value" : {"Fn::GetAtt" : ["TargetGroup2", "TargetGroupFullName"]} } } }

另请参阅

  • Elastic Load Balancing API 参考(20125 年 12 月 1 日版)中的 CreateRule

  • Application Load Balancer 用户指南 中的侦听器规则