<h1 id="alb">ALB<a aria-hidden="true" class="anchor-heading icon-link" href="#alb"></a></h1>
ALB distributes incoming traffic across multiple targets (see concepts below) in one or more AZ. It provides <a href="/notes/aae45bf2-78f6-4c1d-ab24-8ba182f3f136">layer 7</a> (<a href="/notes/0679b21d-842b-4310-b791-da4ebc1c9574">HTTP</a>/<abbr title="HyperText Transfer Protocol (Secure)">HTTPS</abbr>) load balancing and <abbr title="Secure Sockets Layer">SSL</abbr> offload with host- and path-based routing, sticky sessions, and <abbr title="Server Name Indication">SNI</abbr>.
Note that whilst ALBs do not preserve source IPs, they do send the <code>X-Forwarded-For</code>, <code>X-Forwarded-Proto</code>, and <code>X-Forwarded-Port</code> proxy headers.
<h1 id="concepts">Concepts<a aria-hidden="true" class="anchor-heading icon-link" href="#concepts"></a></h1>
<ul>
<li>Listeners capture incoming traffic.
<ul>
<li>Optionally, they may also authenticate users through <abbr title="OpenID Connect">OIDC</abbr>, or social or corporate IdPs <a href="/notes/e4cfd038-8e1e-4335-a05b-f7c8dd097cdc">Cognito</a>.</li>
</ul>
</li>
<li>Target Groups represent sets of backends to forward the traffic to for processing.</li>
<li>Health checks verify that a target within a Target Group is ready to serve traffic.</li>
<li>Rules allow selectively matching requests for forwarding to Target Groups, redirecting, requiring authentication or sending a static response.</li>
<li>Conditions allow matching traffic meeting configured criteria: <code>Host</code> header or request path.</li>
</ul>
<h1 id="targets">Targets<a aria-hidden="true" class="anchor-heading icon-link" href="#targets"></a></h1>
Target groups can point at:
<ul>
<li><a href="/notes/3ab20fcb-21ec-4e9c-b9b3-a08e15995b28">EC2</a> instances, either manually or via Auto Scaling.</li>
<li><abbr title="Internet Protocol">IP</abbr> addresses, either on AWS or external.</li>
<li><a href="/notes/4e3ac624-a6d9-419d-a4c9-aa9e63d0e195">Lambda</a> functions</li>
<li><a href="/notes/5acac1f6-f651-4072-a783-0a43b9ab7885">ECS</a> tasks</li>
</ul>
[ALB] Application Load Balancer
[AWS] Amazon Web Services
[AZ] Availability Zone
[EC2]: Elastic Container Cloud

<hr>
Backlinks
<ul>
<li><a href="/notes/2fe0411e-1039-433b-b91b-b5177697b532">ELB (public)</a></li>
<li><a href="/notes/09dd764d-8bcb-48c8-83fa-3fae21b3ad36">WAF (public)</a></li>
<li><a href="/notes/7fd120de-a476-4492-b334-8429090fef59">Classic (public)</a></li>
<li><a href="/notes/b2618f9e-e0e1-4bef-9ba2-444e17bbbd63">NLB (public)</a></li>
</ul>


![Digital brain](assets/images/logo.svg){display: block, margin: 0 auto, max-height: 50vh}

Hi, I'm Luke 👋

I'm a software engineer turned site reliability engineer. I'm currently big on knowledge management and learning.

# Find me elsewhere

- [👨‍💻 DEV](https://dev.to/lukecarrier)
- [🚢 GitHub](https://github.com/LukeCarrier)
- [👔 LinkedIn](https://www.linkedin.com/in/lukecarrier/)
- [📄 Résumé](https://github.com/LukeCarrier/resume)
