# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. # SPDX-License-Identifier: MIT-0 AWSTemplateFormatVersion: 2010-09-09 Description: 'The Automated Load Balancer CloudFormation script performs the following orchestration tasks: - Creates an Elastic Load Balancer (NLB or ALB) within an existing VPC - It creates an ALB HTTP listener, with auto-redirect to HTTPS - Administrator decides whether to deploy an internal or internet facing load balancers' Parameters: AWSLoadBalancerName: Description: Enter a name for the Application Load Balancer Type: String AWSVpcId: Description: Select the appropriate AWS VpcID here. Type: 'AWS::EC2::VPC::Id' AWSSubnet1Id: Description: Select the appropriate Subnet 1 within the VPC. Type: 'AWS::EC2::Subnet::Id' AWSSubnet2Id: Description: Select the appropriate Subnet 2 within the VPC. Type: 'AWS::EC2::Subnet::Id' AWSSubnet3Id: Description: Select the appropriate Subnet 3 within the VPC. Type: 'AWS::EC2::Subnet::Id' AWSSecurityGroupId: Description: Select the appropriate Security Group ID. Type: 'AWS::EC2::SecurityGroup::Id' AWSLoadBalancerScheme: Description: Select the appropriate Load Balancer Type (Use 'internal = Private subnets' and 'internet-facing = Public subnets'). Type: String Default: internal AllowedValues: - internal - internet-facing AWSLoadBalancerType: Description: Select the appropriate Load Balancer Scheme (Use 'network = NLB' and 'application = ALB'). Type: String Default: network AllowedValues: - network - application Metadata: AWS::CloudFormation::Interface: ParameterGroups: - Label: default: "Application Load Balancer - General Properties" Parameters: - AWSLoadBalancerName - AWSVpcId - AWSSecurityGroupId - Label: default: "Application Load Balancer - Internal or External deployment" Parameters: - AWSLoadBalancerType - AWSLoadBalancerScheme - AWSSubnet1Id - AWSSubnet2Id - AWSSubnet3Id Conditions: AWSALBLoadBalancerCondition: !Equals - !Ref AWSLoadBalancerType - "application" AWSNLBLoadBalancerCondition: !Equals - !Ref AWSLoadBalancerType - "network" Resources: AWSALBLoadBalancer: Condition: AWSALBLoadBalancerCondition Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer' DeletionPolicy: Retain UpdateReplacePolicy: Retain Properties: Scheme: !Ref AWSLoadBalancerScheme Type: !Ref AWSLoadBalancerType Subnets: - !Ref AWSSubnet1Id - !Ref AWSSubnet2Id - !Ref AWSSubnet3Id LoadBalancerAttributes: - Key: idle_timeout.timeout_seconds Value: '50' SecurityGroups: - !Ref AWSSecurityGroupId Tags: - Key: Name Value: !Join - '' - - !Ref AWSLoadBalancerName - '-LoadBalancer' HTTPlistener: Condition: AWSALBLoadBalancerCondition Type: "AWS::ElasticLoadBalancingV2::Listener" DeletionPolicy: Retain UpdateReplacePolicy: Retain Properties: DefaultActions: - Type: "redirect" RedirectConfig: Protocol: "HTTPS" Port: "443" Host: "#{host}" Path: "/#{path}" Query: "#{query}" StatusCode: "HTTP_301" LoadBalancerArn: !Ref AWSALBLoadBalancer Port: 80 Protocol: "HTTP" AWSNLBLoadBalancer: Condition: AWSNLBLoadBalancerCondition Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer' DeletionPolicy: Retain UpdateReplacePolicy: Retain Properties: Scheme: !Ref AWSLoadBalancerScheme Type: !Ref AWSLoadBalancerType Subnets: - !Ref AWSSubnet1Id - !Ref AWSSubnet2Id - !Ref AWSSubnet3Id Tags: - Key: Name Value: !Join - '' - - !Ref AWSLoadBalancerName - '-LoadBalancer'