aws.app-elb-target-group¶
Resource manager for v2 ELB target groups.
Filters¶
attributes¶
Value filter that allows filtering on Target group attributes
- example:
policies:
- name: target-group-check-attributes
resource: app-elb-target-group
filters:
- type: attributes
key: preserve_client_ip.enabled
value: True
op: eq
properties:
default:
type: object
key:
type: string
op:
enum:
- eq
- equal
- ne
- not-equal
- gt
- greater-than
- ge
- gte
- le
- lte
- lt
- less-than
- glob
- regex
- regex-case
- in
- ni
- not-in
- contains
- difference
- intersect
type:
enum:
- attributes
value:
oneOf:
- type: array
- type: string
- type: boolean
- type: number
- type: 'null'
value_from:
additionalProperties: 'False'
properties:
expr:
oneOf:
- type: integer
- type: string
format:
enum:
- csv
- json
- txt
- csv2dict
headers:
patternProperties:
? ''
: type: string
type: object
url:
type: string
required:
- url
type: object
value_path:
type: string
value_regex:
type: string
value_type:
enum:
- age
- integer
- expiration
- normalize
- size
- cidr
- cidr_size
- swap
- resource_count
- expr
- unique_size
- date
- version
- float
required:
- type
Permissions - elasticloadbalancing:DescribeTargetGroupAttributes
default-vpc¶
Filter all application elb target groups within the default vpc
- example:
policies:
- name: appelb-targetgroups-default-vpc
resource: app-elb-target-group
filters:
- default-vpc
properties:
type:
enum:
- default-vpc
required:
- type
Permissions - ec2:DescribeVpcs
Actions¶
delete¶
Action to delete ELB target group
It is recommended to apply a filter to the delete policy to avoid unwanted deletion of any app elb target groups.
- example:
policies:
- name: appelb-targetgroups-delete-unused
resource: app-elb-target-group
filters:
- "tag:SomeTag": absent
actions:
- delete
properties:
type:
enum:
- delete
required:
- type
Permissions - elasticloadbalancing:DeleteTargetGroup
modify-attributes¶
Modify target group attributes.
- example:
policies:
- name: modify-preserve-client-ip-enable
resource: app-elb-target-group
filters:
- type: attributes
key: "preserve_client_ip.enabled"
value: False
actions:
- type: modify-attributes
attributes:
"preserve_client_ip.enabled": "true"
properties:
attributes:
additionalProperties: false
properties:
deregistration_delay.connection_termination.enabled:
enum:
- 'true'
- 'false'
- true
- false
deregistration_delay.timeout_seconds:
type: number
lambda.multi_value_headers.enabled:
enum:
- 'true'
- 'false'
- true
- false
load_balancing.algorithm.type:
enum:
- round_robin
- least_outstanding_requests
load_balancing.cross_zone.enabled:
enum:
- 'true'
- 'false'
- true
- false
- use_load_balancer_configuration
preserve_client_ip.enabled:
enum:
- 'true'
- 'false'
- true
- false
proxy_protocol_v2.enabled:
enum:
- 'true'
- 'false'
- true
- false
slow_start.duration_seconds:
type: number
stickiness.app_cookie.cookie_name:
type: string
stickiness.app_cookie.duration_seconds:
type: number
stickiness.enabled:
enum:
- 'true'
- 'false'
- true
- false
stickiness.lb_cookie.duration_seconds:
type: number
stickiness.type:
enum:
- lb_cookie
- app_cookie
- source_ip
- source_ip_dest_ip
- source_ip_dest_ip_proto
target_failover.on_deregistration:
enum:
- rebalance
- no_rebalance
target_failover.on_unhealthy:
enum:
- rebalance
- no_rebalance
target_group_health.dns_failover.minimum_healthy_targets.count:
type: string
target_group_health.dns_failover.minimum_healthy_targets.percentage:
type: string
target_group_health.unhealthy_state_routing.minimum_healthy_targets.count:
type: number
target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage:
type: string
type: object
type:
enum:
- modify-attributes
Permissions - elasticloadbalancing:ModifyTargetGroupAttributes