amazon.aws.elb_classic_lb module – Creates, updates or destroys an Amazon ELB
Note
This module is part of the amazon.aws collection (version 10.1.2).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install amazon.aws.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: amazon.aws.elb_classic_lb.
New in amazon.aws 1.0.0
Synopsis
Creates, updates or destroys an Amazon Elastic Load Balancer (ELB).
This module was renamed from amazon.aws.ec2_elb_lb to amazon.aws.elb_classic_lb in version 2.1.0 of the amazon.aws collection.
Aliases: ec2_elb_lb
Requirements
The below requirements are needed on the host that executes this module.
python >= 3.6
boto3 >= 1.34.0
botocore >= 1.34.0
Parameters
Parameter |
Comments |
|---|---|
AWS access key ID. See the AWS documentation for more information about access tokens https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys. The The aws_access_key and profile options are mutually exclusive. The aws_access_key_id alias was added in release 5.1.0 for consistency with the AWS botocore SDK. |
|
A dictionary of access logs configuration settings (see examples). |
|
When set to When set to Choices:
|
|
The interval for publishing the access logs to S3. Choices:
|
|
The S3 bucket to deliver access logs to. See https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html for more information about the necessary S3 bucket policies. Required when |
|
Where in the S3 bucket to deliver the logs. If the prefix is not provided or set to Default: |
|
The location of a CA Bundle to use when validating SSL certificates. The |
|
A dictionary to modify the botocore configuration. Parameters can be found in the AWS documentation https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html#botocore.config.Config. |
|
Wait a specified timeout allowing connections to drain before terminating an instance. Set to |
|
Distribute load across all configured Availability Zones. Defaults to Choices:
|
|
Use a The Choices:
|
|
URL to connect to instead of the default AWS endpoints. While this can be used to connection to other AWS-compatible services the amazon.aws and community.aws collections are only tested against AWS. The |
|
A dictionary of health check configuration settings (see examples). |
|
The number of consecutive health checks successes required before moving the instance to the Healthy state. |
|
The approximate interval, in seconds, between health checks of an individual instance. |
|
The URI path which the ELB health check will query when performing a health check. Required when |
|
The TCP port to which the ELB will connect when performing a health check. |
|
The protocol which the ELB health check will use when performing a health check. Valid values are |
|
The amount of time, in seconds, after which no response means a failed health check. |
|
The number of consecutive health check failures required before moving the instance to the Unhealthy state. |
|
ELB connections from clients and to servers are timed out after this amount of time. |
|
List of instance ids to attach to this ELB. |
|
List of ports/protocols for this ELB to listen on (see examples). Required when |
|
The port on which the instance is listening. |
|
The protocol to use for routing traffic to instances. Valid values are |
|
The port on which the load balancer will listen. |
|
The transport protocol to use for routing. Valid values are |
|
Enable proxy protocol for the listener. Beware, ELB controls for the proxy protocol are based on the Choices:
|
|
The Amazon Resource Name (ARN) of the SSL certificate. |
|
The name of the ELB. The name of an ELB must be less than 32 characters and unique per-region per-account. |
|
A named AWS profile to use for authentication. See the AWS documentation for more information about named profiles https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html. The The profile option is mutually exclusive with the aws_access_key, aws_secret_key and session_token options. |
|
Purge existing instance ids on ELB that are not found in Choices:
|
|
Purge existing listeners on ELB that are not found in listeners. Choices:
|
|
Purge existing subnets on the ELB that are not found in Because it is not permitted to add multiple subnets from the same availability zone, subnets to be purged will be removed before new subnets are added. This may cause a brief outage if you try to replace all subnets at once. Choices:
|
|
If If the Tag keys beginning with Choices:
|
|
Purge existing availability zones on ELB that are not found in Choices:
|
|
The AWS region to use. For global services such as IAM, Route53 and CloudFront, region is ignored. The See the Amazon AWS documentation for more information http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region. |
|
The scheme to use when creating the ELB. For a private VPC-visible ELB use If you choose to update your scheme with a different value the ELB will be destroyed and a new ELB created. Defaults to Choices:
|
|
AWS secret access key. See the AWS documentation for more information about access tokens https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys. The The secret_key and profile options are mutually exclusive. The aws_secret_access_key alias was added in release 5.1.0 for consistency with the AWS botocore SDK. |
|
A list of security groups to apply to the ELB. |
|
A list of security group names to apply to the ELB. |
|
AWS STS session token for use with temporary credentials. See the AWS documentation for more information about access tokens https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys. The The session_token and profile options are mutually exclusive. |
|
Create or destroy the ELB. Choices:
|
|
A dictionary of stickiness policy settings. Policy will be applied to all listeners (see examples). |
|
The name of the application cookie used for stickiness. Required if Ignored if |
|
When Choices:
|
|
The time period, in seconds, after which the cookie should be considered stale. If this parameter is not specified, the stickiness session lasts for the duration of the browser session. Ignored if |
|
The type of stickiness policy to apply. Required if Ignored if Choices:
|
|
A list of VPC subnets to use when creating the ELB. Mutually exclusive with |
|
A dictionary representing the tags to be applied to the resource. If the |
|
When set to Setting validate_certs=false is strongly discouraged, as an alternative, consider setting aws_ca_bundle instead. Choices:
|
|
When creating, deleting, or adding instances to an ELB, if wait=true Ansible will wait for both the load balancer and related network interfaces to finish creating/deleting. Support for waiting when adding instances was added in release 2.1.0. Choices:
|
|
Used in conjunction with wait. Number of seconds to wait for the ELB to be terminated. A maximum of 600 seconds (10 minutes) is allowed. Default: |
|
List of availability zones to enable on this ELB. Mutually exclusive with |
Notes
Note
The ec2_elb fact previously set by this module was deprecated in release 2.1.0 and since release 4.0.0 is no longer set.
Support for
purge_tagswas added in release 2.1.0.Caution: For modules, environment variables and configuration files are read from the Ansible ‘host’ context and not the ‘controller’ context. As such, files may need to be explicitly copied to the ‘host’. For lookup and connection plugins, environment variables and configuration files are read from the Ansible ‘controller’ context and not the ‘host’ context.
The AWS SDK (boto3) that Ansible uses may also read defaults for credentials and other settings, such as the region, from its configuration files in the Ansible ‘host’ context (typically
~/.aws/credentials). See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html for more information.
Examples
# Note: None of these examples set aws_access_key, aws_secret_key, or region.
# It is assumed that their matching environment variables are set.
# Basic provisioning example (non-VPC)
- amazon.aws.elb_classic_lb:
name: "test-please-delete"
state: present
zones:
- us-east-1a
- us-east-1d
listeners:
- protocol: http # options are http, https, ssl, tcp
load_balancer_port: 80
instance_port: 80
proxy_protocol: true
- protocol: https
load_balancer_port: 443
instance_protocol: http # optional, defaults to value of protocol setting
instance_port: 80
# ssl certificate required for https or ssl
ssl_certificate_id: "arn:aws:iam::123456789012:server-certificate/company/servercerts/ProdServerCert"
# Internal ELB example
- amazon.aws.elb_classic_lb:
name: "test-vpc"
scheme: internal
state: present
instance_ids:
- i-abcd1234
purge_instance_ids: true
subnets:
- subnet-abcd1234
- subnet-1a2b3c4d
listeners:
- protocol: http # options are http, https, ssl, tcp
load_balancer_port: 80
instance_port: 80
# Configure a health check and the access logs
- amazon.aws.elb_classic_lb:
name: "test-please-delete"
state: present
zones:
- us-east-1d
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
health_check:
ping_protocol: http # options are http, https, ssl, tcp
ping_port: 80
ping_path: "/index.html" # not required for tcp or ssl
response_timeout: 5 # seconds
interval: 30 # seconds
unhealthy_threshold: 2
healthy_threshold: 10
access_logs:
interval: 5 # minutes (defaults to 60)
s3_location: "my-bucket" # This value is required if access_logs is set
s3_prefix: "logs"
# Ensure ELB is gone
- amazon.aws.elb_classic_lb:
name: "test-please-delete"
state: absent
# Ensure ELB is gone and wait for check (for default timeout)
- amazon.aws.elb_classic_lb:
name: "test-please-delete"
state: absent
wait: true
# Ensure ELB is gone and wait for check with timeout value
- amazon.aws.elb_classic_lb:
name: "test-please-delete"
state: absent
wait: true
wait_timeout: 600
# Normally, this module will purge any listeners that exist on the ELB
# but aren't specified in the listeners parameter. If purge_listeners is
# false it leaves them alone
- amazon.aws.elb_classic_lb:
name: "test-please-delete"
state: present
zones:
- us-east-1a
- us-east-1d
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
purge_listeners: false
# Normally, this module will leave availability zones that are enabled
# on the ELB alone. If purge_zones is true, then any extraneous zones
# will be removed
- amazon.aws.elb_classic_lb:
name: "test-please-delete"
state: present
zones:
- us-east-1a
- us-east-1d
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
purge_zones: true
# Creates a ELB and assigns a list of subnets to it.
- amazon.aws.elb_classic_lb:
state: present
name: 'New ELB'
security_group_ids: 'sg-123456, sg-67890'
subnets: 'subnet-123456,subnet-67890'
purge_subnets: true
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
# Create an ELB with connection draining, increased idle timeout and cross availability
# zone load balancing
- amazon.aws.elb_classic_lb:
name: "New ELB"
state: present
connection_draining_timeout: 60
idle_timeout: 300
cross_az_load_balancing: "yes"
zones:
- us-east-1a
- us-east-1d
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
# Create an ELB with load balancer stickiness enabled
- amazon.aws.elb_classic_lb:
name: "New ELB"
state: present
zones:
- us-east-1a
- us-east-1d
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
stickiness:
type: loadbalancer
enabled: true
expiration: 300
# Create an ELB with application stickiness enabled
- amazon.aws.elb_classic_lb:
name: "New ELB"
state: present
zones:
- us-east-1a
- us-east-1d
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
stickiness:
type: application
enabled: true
cookie: SESSIONID
# Create an ELB and add tags
- amazon.aws.elb_classic_lb:
name: "New ELB"
state: present
zones:
- us-east-1a
- us-east-1d
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
tags:
Name: "New ELB"
stack: "production"
client: "Bob"
# Delete all tags from an ELB
- amazon.aws.elb_classic_lb:
name: "New ELB"
state: present
zones:
- us-east-1a
- us-east-1d
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
tags: {}
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
Original boto-style Load Balancer attributes. Returned: always |
|
The name of the policy used to control if the ELB is using a application cookie stickiness policy. Returned: when Sample: |
|
A description of the backend policy applied to the ELB (instance-port:policy-name). Returned: when Sample: |
|
The maximum time, in seconds, to keep the existing connections open before deregistering the instances. Returned: when Sample: |
|
Either Returned: when Sample: |
|
The DNS name of the ELB. Returned: when Sample: |
|
A dictionary describing the health check used for the ELB. Returned: when |
|
The number of consecutive successful health checks before marking an instance as healthy. Returned: success Sample: |
|
The time, in seconds, between each health check. Returned: success Sample: |
|
The Protocol, Port, and for HTTP(S) health checks the path tested by the health check. Returned: success Sample: |
|
The time, in seconds, after which an in progress health check is considered failed due to a timeout. Returned: success Sample: |
|
The number of consecutive failed health checks before marking an instance as unhealthy. Returned: success Sample: |
|
The ID of the Amazon Route 53 hosted zone for the load balancer. Returned: when Sample: |
|
The DNS name of the load balancer when using a custom hostname. Returned: when Sample: |
|
The length of of time before an idle connection is dropped by the ELB. Returned: when Sample: |
|
The number of instances attached to the ELB in an in-service state. Returned: when Sample: |
|
A list of dictionaries describing the health of each instance attached to the ELB. Returned: when |
|
A human readable description of why the instance is not in service. Returned: when Sample: |
|
A list of the IDs of instances attached to the ELB. Returned: when Sample: |
|
The name of the policy used to control if the ELB is using a cookie stickiness policy. Returned: when Sample: |
|
A list of lists describing the listeners attached to the ELB. The nested list contains the listener port, the instance port, the listener protoco, the instance port, and where appropriate the ID of the SSL certificate for the port. Returned: when Sample: |
|
The name of the ELB. This name is unique per-region, per-account. Returned: when Sample: |
|
The number of instances attached to the ELB in an out-of-service state. Returned: when Sample: |
|
The name of the policy used to control if the ELB operates using the Proxy protocol. Returned: when the proxy protocol policy exists. Sample: |
|
The AWS region in which the ELB is running. Returned: always Sample: |
|
Whether the ELB is an Returned: when Sample: |
|
A list of the IDs of the Security Groups attached to the ELB. Returned: when Sample: |
|
A minimal description of the current state of the ELB. Valid values are Returned: always Sample: |
|
A list of the subnet IDs attached to the ELB. Returned: when Sample: |
|
A dictionary describing the tags attached to the ELB. Returned: when Sample: |
|
The number of instances attached to the ELB in an unknown state. Returned: when Sample: |
|
A list of the AWS regions in which the ELB is running. Returned: when Sample: |
|
Boto3-style Load Balancer attributes. Returned: always |
|
A list of the AWS regions in which the ELB is running. Returned: when Sample: |
|
The port on which the EC2 instance is listening. Returned: when |
|
The names of the policies enabled for the EC2 instance. Returned: when |
|
The ID of the Amazon Route 53 hosted zone for the load balancer. Returned: when Sample: |
|
The date and time the load balancer was created. Returned: when Sample: |
|
The DNS name of the ELB. Returned: when Sample: |
|
Information about the health checks conducted on the load balancer. Returned: when |
|
The number of consecutive successful health checks before marking an instance as healthy. Returned: success Sample: |
|
The time, in seconds, between each health check. Returned: success Sample: |
|
The Protocol, Port, and for HTTP(S) health checks the path tested by the health check. Returned: success Sample: |
|
The time, in seconds, after which an in progress health check is considered failed due to a timeout. Returned: success Sample: |
|
The number of consecutive failed health checks before marking an instance as unhealthy. Returned: success Sample: |
|
The instance ID. Returned: success |
|
The listeners for the load balancer. Returned: when Sample: |
|
The listener. Returned: when |
|
The port on which the instance is listening. Returned: when |
|
The protocol to use for routing traffic to instances. Returned: when |
|
The port on which the load balancer is listening. Returned: when |
|
The load balancer transport protocol to use for routing: HTTP, HTTPS, TCP, or SSL. Returned: when |
|
The policies. If there are no policies enabled, the list is empty. Returned: when |
|
The listeners for the load balancer. Returned: when |
|
If enabled, the load balancer captures detailed information of all requests and delivers the information to the Amazon S3 bucket that you specify. Returned: when |
|
The interval for publishing the access logs. Returned: success Sample: |
|
Specifies whether access logs are enabled for the load balancer. Returned: success Sample: |
|
The name of the Amazon S3 bucket where the access logs are stored. Returned: success Sample: |
|
The logical hierarchy you created for your Amazon S3 bucket. Returned: success Sample: |
|
Any additional attributes. Returned: when Sample: |
|
If enabled, the load balancer allows existing requests to complete before the load balancer shifts traffic away from a deregistered or unhealthy instance. Returned: when Sample: |
|
Specifies whether connection draining is enabled for the load balancer. Returned: success |
|
The maximum time, in seconds, to keep the existing connections open before deregistering the instances. Returned: success |
|
If enabled, the load balancer allows the connections to remain idle (no data is sent over the connection) for the specified duration Returned: when Sample: |
|
The time, in seconds, that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer. Returned: success |
|
If enabled, the load balancer routes the request traffic evenly across all instances regardless of the Availability Zones. Returned: when Sample: |
|
Specifies whether cross-zone load balancing is enabled for the load balancer. Returned: when |
|
Information about a policy attribute. Returned: when |
|
The name of the attribute. Returned: when |
|
The value of the attribute. Returned: when |
|
The name of the policy. Returned: when |
|
The name of the policy type. Returned: when |
|
The policies defined for the load balancer. Returned: when |
|
The stickiness policies created using CreateAppCookieStickinessPolicy. Returned: when |
|
The stickiness policies created using CreateLBCookieStickinessPolicy. Returned: when |
|
The time period, in seconds, after which the cookie should be considered stale. Returned: when Sample: |
|
The security groups for the load balancer. Returned: when Sample: |
|
The security group for the load balancer, which you can use as part of your inbound rules for your registered instances. Returned: when Sample: |
|
The name of the security group.. Returned: success |
|
The owner of the security group. Returned: success |
|
A list of the subnet IDs attached to the ELB. Returned: when Sample: |
|
A dictionary describing the tags attached to the ELB. Returned: when Sample: |
|
The ID of the VPC for the load balancer. Returned: when Sample: |