loadBalancer
View SourceApplication Load Balancers (ALBs) in AWS distribute incoming HTTP/HTTPS traffic across multiple targets. Stackattack creates ALBs with SSL termination, health checks, and integration with ECS services for high availability web applications.
import * as saws from "@stackattack/aws";
const ctx = saws.context();const network = saws.vpc(ctx);const lb = saws.loadBalancer(ctx, { network: network.network("public")});
export const loadBalancerUrl = lb.url;
After deploying a load balancer, you can manage it using:
AWS CLI:
# View load balancer detailsaws elbv2 describe-load-balancers --names your-load-balancer-name
# List target groups and their healthaws elbv2 describe-target-groups --load-balancer-arn arn:aws:elasticloadbalancing:...aws elbv2 describe-target-health --target-group-arn arn:aws:elasticloadbalancing:...
# View listener rules and routingaws elbv2 describe-listeners --load-balancer-arn arn:aws:elasticloadbalancing:...aws elbv2 describe-rules --listener-arn arn:aws:elasticloadbalancing:...
# View access logs (if enabled)aws s3 ls s3://your-alb-logs-bucket/AWSLogs/123456789012/elasticloadbalancing/
Testing Load Balancer:
# Test HTTP endpointcurl -I http://your-alb-dns-name.us-east-1.elb.amazonaws.com
# Test HTTPS with custom domaincurl -I https://your-domain.com
# Test with custom headers for routing rulescurl -H "Host: api.example.com" http://your-alb-dns-name.us-east-1.elb.amazonaws.com
CloudWatch Metrics:
# View request count and latency metricsaws cloudwatch get-metric-statistics --namespace AWS/ApplicationELB --metric-name RequestCount --dimensions Name=LoadBalancer,Value=app/your-lb-name/1234567890abcdef
Related Components
Section titled “Related Components”Load balancers work together with other Stackattack components:
- vpc - Provides public networking for internet-facing load balancers
- service - Receives traffic routed through load balancers
- certificate - Enables HTTPS termination at the load balancer
ALB costs are fixed hourly charges plus usage-based request processing:
-
Hourly rate - Each ALB costs ~$16.43/month (730 hours × $0.0225/hour) just for existing, regardless of traffic.
-
Load Balancer Capacity Units (LCUs) - You pay for the highest of: new connections/sec, active connections, bandwidth, or rule evaluations. Typical costs:
- Light traffic: ~$5-10/month additional
- Medium traffic (1000 req/min): ~$15-25/month additional
- High traffic (10k req/min): ~$50-100/month additional
-
Data transfer - Standard AWS data transfer rates apply (~$0.09/GB out to internet). Internal VPC traffic is free.
-
SSL certificates - ACM certificates are free when used with ALBs. No additional cost for SSL termination.
Also note that (external) load balancers require a public ip address per subnet, and load balancers must be deployed in at least two subnets. Each public IP costs ~$3.60/month, so that adds an additional ~$7.40 minimum for the public IP addresses for external load balancers.
Cost optimization strategies:
- Share ALBs across multiple services using listener rules (vs one ALB per service)
- Use CloudFront in front of ALBs for static content and global acceleration
- Consider Network Load Balancers for TCP traffic or when you need static IPs
- Monitor LCU usage to identify cost drivers (connections, bandwidth, rules)
See ALB Pricing for current rates.
loadBalancer
Section titled “loadBalancer”Creates a complete load balancer setup including security group, load balancer, and listeners. Automatically configures security rules for HTTP/HTTPS traffic.
function loadBalancer(ctx: Context, args: LoadBalancerArgs): LoadBalancerOutput
Parameters
Section titled “Parameters”ctx
(Context
) - Pulumi context for resource naming and taggingargs
(LoadBalancerArgs
) - Configuration for the load balancer
Returns
Section titled “Returns”- (
LoadBalancerOutput
) - Creates a complete load balancer setup including security group, load balancer, and listeners. Automatically configures security rules for HTTP/HTTPS traffic.
Functions
Section titled “Functions”getListenerAttributes
Section titled “getListenerAttributes”Retrieves the full listener attributes from various input types.
function getListenerAttributes(input: Input<ListenerInput>): Output<Listener | GetListenerResult>
Parameters
Section titled “Parameters”input
(Input<
ListenerInput
>
) - Listener input (ARN string, Listener resource, or query result)
Returns
Section titled “Returns”- (
Output<Listener | GetListenerResult>
) - Retrieves the full listener attributes from various input types.
getListenerId
Section titled “getListenerId”Extracts the listener ARN/ID from various input types.
function getListenerId(input: Input<ListenerInput>): Output<string>
Parameters
Section titled “Parameters”input
(Input<
ListenerInput
>
) - Listener input (ARN string, Listener resource, or query result)
Returns
Section titled “Returns”- (
Output<string>
) - Extracts the listener ARN/ID from various input types.
getLoadBalancerAttributes
Section titled “getLoadBalancerAttributes”Retrieves the full load balancer attributes from various input types.
function getLoadBalancerAttributes(input: Input<LoadBalancerInput>): Output<LoadBalancer | GetLoadBalancerResult>
Parameters
Section titled “Parameters”input
(Input<
LoadBalancerInput
>
) - Load balancer input (ARN string, LoadBalancer resource, or query result)
Returns
Section titled “Returns”- (
Output<LoadBalancer | GetLoadBalancerResult>
) - Retrieves the full load balancer attributes from various input types.
getLoadBalancerId
Section titled “getLoadBalancerId”Extracts the load balancer ARN/ID from various input types.
function getLoadBalancerId(input: Input<LoadBalancerInput>): Output<string>
Parameters
Section titled “Parameters”input
(Input<
LoadBalancerInput
>
) - Load balancer input (ARN string, LoadBalancer resource, or query result)
Returns
Section titled “Returns”- (
Output<string>
) - Extracts the load balancer ARN/ID from various input types.
loadBalancerListener
Section titled “loadBalancerListener”Creates listeners for a load balancer. If a certificate is provided, creates both HTTP (redirect to HTTPS) and HTTPS listeners. Otherwise, creates only an HTTP listener. Both listeners return 404 by default.
function loadBalancerListener(ctx: Context, args: LoadBalancerListenerArgs): { listener: Listener; loadBalancer: Input<LoadBalancerInput> }
Parameters
Section titled “Parameters”ctx
(Context
) - Pulumi context for resource naming and taggingargs
(LoadBalancerListenerArgs
) - Configuration for the listeners
Returns
Section titled “Returns”- (
{ listener: Listener; loadBalancer: Input<
LoadBalancerInput
> }
) - Creates listeners for a load balancer. If a certificate is provided, creates both HTTP (redirect to HTTPS) and HTTPS listeners. Otherwise, creates only an HTTP listener. Both listeners return 404 by default.
loadBalancerListenerCertificate
Section titled “loadBalancerListenerCertificate”Attaches an SSL certificate to a load balancer listener.
function loadBalancerListenerCertificate(ctx: Context, args: LoadBalancerListenerCertificateArgs): ListenerCertificate
Parameters
Section titled “Parameters”ctx
(Context
) - Pulumi context for resource naming and taggingargs
(LoadBalancerListenerCertificateArgs
) - Configuration for the certificate attachment
Returns
Section titled “Returns”- (
ListenerCertificate
) - Attaches an SSL certificate to a load balancer listener.
loadBalancerListenerToIds
Section titled “loadBalancerListenerToIds”Converts a LoadBalancerWithListener object to use ARN/ID strings instead of resources.
function loadBalancerListenerToIds(output: LoadBalancerWithListener): { listener: Output<string>; loadBalancer: Output<string> }
Parameters
Section titled “Parameters”output
(LoadBalancerWithListener
) - LoadBalancerWithListener object with resource references
Returns
Section titled “Returns”- (
{ listener: Output<string>; loadBalancer: Output<string> }
) - Converts a LoadBalancerWithListener object to use ARN/ID strings instead of resources.
loadBalancerSecurityGroup
Section titled “loadBalancerSecurityGroup”Creates a security group for load balancers with HTTP/HTTPS ingress rules. Allows inbound traffic on ports 80 and 443 from anywhere, and outbound traffic to the specified destination.
function loadBalancerSecurityGroup(ctx: Context, args: LoadBalancerSecurityGroupArgs): SecurityGroup
Parameters
Section titled “Parameters”ctx
(Context
) - Pulumi context for resource naming and taggingargs
(LoadBalancerSecurityGroupArgs
) - Configuration for the security group
Returns
Section titled “Returns”- (
SecurityGroup
) - Creates a security group for load balancers with HTTP/HTTPS ingress rules. Allows inbound traffic on ports 80 and 443 from anywhere, and outbound traffic to the specified destination.
loadBalancerToIds
Section titled “loadBalancerToIds”Converts a LoadBalancerOutput to use ARN strings instead of resources, while preserving the URL.
function loadBalancerToIds(output: LoadBalancerOutput): { listener: Output<string>; loadBalancer: Output<string>; url: Output<string> }
Parameters
Section titled “Parameters”output
(LoadBalancerOutput
) - LoadBalancerOutput object with resource references
Returns
Section titled “Returns”- (
{ listener: Output<string>; loadBalancer: Output<string>; url: Output<string> }
) - Converts a LoadBalancerOutput to use ARN strings instead of resources, while preserving the URL.
Interfaces
Section titled “Interfaces”LoadBalancerArgs
Section titled “LoadBalancerArgs”Configuration options for creating a complete load balancer setup.
Properties
Section titled “Properties”certificate?
(Input<string>
) - Optional SSL certificate ARN for HTTPS supportidleTimeout?
(Input<number>
) - Connection idle timeout in secondsnetwork
(NetworkInput
) - Network configuration including VPC and subnetsnoPrefix?
(boolean
) - Whether to skip adding a prefix to the context
LoadBalancerListenerArgs
Section titled “LoadBalancerListenerArgs”Configuration options for creating load balancer listeners.
Properties
Section titled “Properties”certificate?
(Input<string>
) - Optional SSL certificate ARN for HTTPS listenerloadBalancer
(Input<
LoadBalancerInput
>
) - The load balancer to create listeners fornoPrefix?
(boolean
) - Whether to skip adding a prefix to the context
LoadBalancerListenerCertificateArgs
Section titled “LoadBalancerListenerCertificateArgs”Configuration options for attaching a certificate to a load balancer listener.
Properties
Section titled “Properties”certificate
(Input<string>
) - ARN of the SSL certificate to attachlistener
(Input<
ListenerInput
>
) - The listener to attach the certificate tonoPrefix?
(boolean
) - Whether to skip adding a prefix to the context
LoadBalancerOutput
Section titled “LoadBalancerOutput”Output from creating a complete load balancer setup.
Properties
Section titled “Properties”listener
(Listener
) - The primary listener resourceloadBalancer
(LoadBalancer
) - The created load balancer resourceurl
(Output<string>
) - The URL of the load balancer
LoadBalancerSecurityGroupArgs
Section titled “LoadBalancerSecurityGroupArgs”Configuration options for creating a load balancer security group.
Properties
Section titled “Properties”destSecurityGroupId?
(Input<string>
) - Optional destination security group ID for egress rulesnoPrefix?
(boolean
) - Whether to skip adding a prefix to the contextvpc
(Input<
VpcInput
>
) - VPC where the security group will be created
LoadBalancerWithListener
Section titled “LoadBalancerWithListener”Represents a load balancer paired with a listener.
Properties
Section titled “Properties”listener
(Input<
ListenerInput
>
) - The listener referenceloadBalancer
(Input<
LoadBalancerInput
>
) - The load balancer reference
ListenerInput
Section titled “ListenerInput”Union type representing different ways to specify a load balancer listener. Can be an ARN string, Listener resource, or listener query result.
type ListenerInput = string | aws.lb.Listener | aws.lb.GetListenerResult
LoadBalancerInput
Section titled “LoadBalancerInput”Union type representing different ways to specify a load balancer. Can be an ARN string, LoadBalancer resource, or load balancer query result.
type LoadBalancerInput = string | aws.lb.LoadBalancer | aws.lb.GetLoadBalancerResult