docs.aws.amazon.com
13.35.58.2  Public Scan

Submitted URL: http://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-application-load-balancer.html
Effective URL: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-application-load-balancer.html
Submission: On June 13 via api from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

CREATE AN APPLICATION LOAD BALANCER

A load balancer takes requests from clients and distributes them across targets
in a target group.

Before you begin, ensure that you have a virtual private cloud (VPC) with at
least one public subnet in each of the zones used by your targets. For more
information, see Subnets for your load balancer.

To create a load balancer using the AWS CLI, see Tutorial: Create an Application
Load Balancer using the AWS CLI.

To create a load balancer using the AWS Management Console, complete the
following tasks.

TASKS

 * Step 1: Configure a target group
 * Step 2: Register targets
 * Step 3: Configure a load balancer and a listener
 * Step 4: Test the load balancer


STEP 1: CONFIGURE A TARGET GROUP


Configuring a target group allows you to register targets such as EC2 instances.
The target group that you configure in this step is used as the target group in
the listener rule when you configure your load balancer. For more information,
see Target groups for your Application Load Balancers.

TO CONFIGURE YOUR TARGET GROUP USING THE CONSOLE

 1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

 2. In the navigation pane, choose Target Groups.

 3. Choose Create target group.

 4. In the Basic configuration section, set the following parameters:
    
    1. For Choose a target type, select Instances to specify targets by instance
       ID or IP addresses to specify targets by only IP address. If the target
       type is a Lambda function, you can enable health checks by selecting
       Enable in the Health checks section.
    
    2. For Target group name, enter a name for the target group.
    
    3. Modify the Port and Protocol as needed.
    
    4. If the target type is Instances or IP addresses, choose IPv4 or IPv6 as
       the IP address type, otherwise skip to the next step.
       
       Note that only targets that have the selected IP address type can be
       included in this target group. The IP address type cannot be changed
       after the target group is created.
    
    5. For VPC, select a virtual private cloud (VPC) with the targets that you
       want to include in your target group.
    
    6. For Protocol version, select HTTP1 when the request protocol is HTTP/1.1
       or HTTP/2; select HTTP2 when the request protocol is HTTP/2 or gRPC; and
       select gRPC when the request protocol is gRPC.

 5. In the Health checks section, modify the default settings as needed. For
    Advanced health check settings, choose the health check port, count,
    timeout, interval, and specify success codes. If health checks consecutively
    exceed the Unhealthy threshold count, the load balancer takes the target out
    of service. If health checks consecutively exceed the Healthy threshold
    count, the load balancer puts the target back in service. For more
    information, see Health checks for your target groups.

 6. (Optional) Add one or more tags as follows:
    
    1. Expand the Tags section.
    
    2. Choose Add tag.
    
    3. Enter the tag Key and tag Value. Allowed characters are letters, spaces,
       numbers (in UTF-8), and the following special characters: + - = . _ : /
       @. Do not use leading or trailing spaces. Tag values are case-sensitive.

 7. Choose Next.


STEP 2: REGISTER TARGETS


You can register EC2 instances, IP addresses, or Lambda functions as targets in
a target group. This step is optional when you create a load balancer. However,
you must register your targets to ensure that your load balancer routes traffic
to them.

 1. On the Register targets page, add one or more targets as follows:
    
    * If the target type is Instances, select one or more instances, enter one
      or more ports, and then choose Include as pending below.
    
    * If the target type is IP addresses, do the following:
      
      1. Select a network VPC from the list, or choose Other private IP
         addresses.
      
      2. Enter the IP address manually, or find the IP address using instance
         details. You can enter up to five IP addresses at a time.
      
      3. Enter the ports for routing traffic to the specified IP addresses.
      
      4. Choose Include as pending below.
    
    * If the target type is Lambda, select a Lambda function, or enter a Lambda
      function ARN, and then choose Include as pending below.

 2. Choose Create target group.


STEP 3: CONFIGURE A LOAD BALANCER AND A LISTENER


To create an Application Load Balancer, you must first provide basic
configuration information for your load balancer, such as a name, scheme, and IP
address type. Then, you provide information about your network, and one or more
listeners. A listener is a process that checks for connection requests. It is
configured with a protocol and a port for connections from clients to the load
balancer. For more information about supported protocols and ports, see Listener
configuration.

TO CONFIGURE YOUR LOAD BALANCER AND LISTENER USING THE CONSOLE

 1.  Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

 2.  In the navigation pane, choose Load Balancers.

 3.  Choose Create Load Balancer.

 4.  Under Application Load Balancer, choose Create.

 5.  Basic configuration
     
     1. For Load balancer name, enter a name for your load balancer. For
        example, my-alb. The name of your Application Load Balancer must be
        unique within your set of Application Load Balancers and Network Load
        Balancers for the Region. Names can have a maximum of 32 characters, and
        can contain only alphanumeric characters and hyphens. They cannot begin
        or end with a hyphen, and cannot begin with internal-. The name of your Application
        Load Balancer cannot be changed after it's created.
     
     2. For Scheme, choose Internet-facing or Internal. An internet-facing load
        balancer routes requests from clients to targets over the internet. An
        internal load balancer routes requests to targets using private IP
        addresses.
     
     3. For IP address type, choose IPv4, Dualstack, or Dualstack without public
        IPv4. Choose IPv4 if your clients use IPv4 addresses to communicate with
        the load balancer. Choose Dualstack if your clients use both IPv4 and
        IPv6 addresses to communicate with the load balancer. Choose Dualstack
        without public IPv4 if your clients use only IPv6 addresses to
        communicate with the load balancer.

 6.  Network mapping
     
     1. For VPC, select the VPC that you used for your EC2 instances. If you
        selected Internet-facing for Scheme, only VPCs with an internet gateway
        are available for selection.
     
     2. For Mappings, enable zones for your load balancer by selecting subnets
        as follows:
        
         * Subnets from two or more Availability Zones
        
         * Subnets from one or more Local Zones
        
         * One Outpost subnet
        
        For more information, see Subnets for your load balancer.
        
        For internal load balancers, the IPv4 and IPv6 addresses are assigned
        from the subnet CIDR.
        
        If you enabled Dualstack mode for the load balancer, select subnets with
        both IPv4 and IPv6 CIDR blocks.

 7.  For Security groups, select an existing security group, or create a new
     one.
     
     The security group for your load balancer must allow it to communicate with
     registered targets on both the listener port and the health check port. The
     console can create a security group for your load balancer on your behalf
     with rules that allow this communication. You can also create a security
     group and select it instead. For more information, see Recommended rules.
     
     (Optional) To create a new security group for your load balancer, choose
     Create a new security group.

 8.  For Listeners and routing, the default listener accepts HTTP traffic on
     port 80. You can keep the default protocol and port, or choose different
     ones. For Default action, choose the target group that you created. You can
     optionally choose Add listener to add another listener (for example, an
     HTTPS listener).

 9.  (Optional) If using an HTTPS listener
     
     For Security policy, we recommend that you always use the latest predefined
     security policy.
     
     1. For Default SSL/TLS certificate, the following options are available:
        
         * If you created or imported a certificate using AWS Certificate
           Manager, select From ACM, then select the certificate from Select a
           certificate.
        
         * If you imported a certificate using IAM, select From IAM, and then
           select your certificate from Select a certificate.
        
         * If you have a certificate to import but ACM is not available in your
           Region, select Import, then select To IAM. Type the name of the
           certificate in the Certificate name field. In Certificate private
           key, copy and paste the contents of the private key file
           (PEM-encoded). In Certificate body, copy and paste the contents of
           the public key certificate file (PEM-encoded). In Certificate Chain,
           copy and paste the contents of the certificate chain file
           (PEM-encoded), unless you are using a self-signed certificate and
           it's not important that browsers implicitly accept the certificate.
     
     2. (Optional) To enable mutual authentication, under Client certificate
        handling enable Mutual authentication (mTLS).
        
        When enabled, the default mutual TLS mode is passthrough.
        
        If you select Verify with Trust Store:
        
         * By default, connections with expired client certificates are
           rejected. To change this behavior expand Advanced mTLS settings, then
           under Client certificate expiration select Allow expired client
           certificates.
        
         * Under Trust Store choose an existing trust store, or choose New trust
           store.
           
            * If you chose New trust store, provide a Trust store name, the S3
              URI Certificate Authority location, and optionally an S3 URI
              Certificate revocation list location.

 10. (Optional) You can integrate other services with your load balancer during
     creation, under Optimize with service integrations.
     
      * You can choose to include AWS WAF security protections for your load
        balancer, with an existing or automatically created web ACL. After
        creation, web ACLs can be managed in the AWS WAF console. For more
        information, see Associating or disassociating a web ACL with an AWS
        resource in the AWS WAF Developer Guide.
     
      * You can choose to have AWS Global Accelerator create an accelerator for
        you and associate your load balancer with the accelerator. The
        accelerator name can have the following characters (up to 64
        characters): a-z, A-Z, 0-9, . (period), and - (hyphen). After the
        accelerator is created, you can manage it in the AWS Global Accelerator
        console. For more information, see Add an accelerator when you create a
        load balancer in the AWS Global Accelerator Developer Guide.

 11. Tag and create
     
     1. (Optional) Add a tag to categorize your load balancer. Tag keys must be
        unique for each load balancer. Allowed characters are letters, spaces,
        numbers (in UTF-8), and the following special characters: + - = . _ : /
        @. Do not use leading or trailing spaces. Tag values are case-sensitive.
     
     2. Review your configuration, and choose Create load balancer. A few
        default attributes are applied to your load balancer during creation.
        You can view and edit them after creating the load balancer. For more
        information, see Load balancer attributes.


STEP 4: TEST THE LOAD BALANCER


After creating your load balancer, you can verify that your EC2 instances pass
the initial health check. You can then check that the load balancer is sending
traffic to your EC2 instance. To delete the load balancer, see Delete an
Application Load Balancer.

TO TEST THE LOAD BALANCER

 1. After the load balancer is created, choose Close.

 2. In the navigation pane, choose Target Groups.

 3. Select the newly created target group.

 4. Choose Targets and verify that your instances are ready. If the status of an
    instance is initial, it's typically because the instance is still in the
    process of being registered. This status can also indicate that the instance
    has not passed the minimum number of health checks to be considered healthy.
    After the status of at least one instance is healthy, you can test your load
    balancer. For more information, see Target health status.

 5. In the navigation pane, choose Load Balancers.

 6. Select the newly created load balancer.

 7. Choose Description and copy the DNS name of the internet-facing or internal
    load balancer (for example,
    my-load-balancer-1234567890abcdef.elb.us-east-2.amazonaws.com).
    
     * For internet-facing load balancers, paste the DNS name into the address
       field of an internet-connected web browser.
    
     * For internal load balancers, paste the DNS name into the address field of
       a web browser that has private connectivity to the VPC.
    
    If everything is configured correctly, the browser displays the default page
    of your server.

 8. If the web page does not display, refer to the following documents for
    additional configuration help and troubleshooting steps.
    
     * For DNS-related issues, see Routing traffic to an ELB load balancer in
       the Amazon Route 53 Developer Guide.
    
     * For load balancer-related issues, see Troubleshoot your Application Load
       Balancers.

© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.

