ALB distributes incoming traffic across multiple targets (see concepts below) in one or more AZ. It provides layer 7 (HTTP/HTTPS) load balancing and SSL offload with host- and path-based routing, sticky sessions, and SNI.
Note that whilst ALBs do not preserve source IPs, they do send the
X-Forwarded-Port proxy headers.
- Listeners capture incoming traffic.
- Optionally, they may also authenticate users through OIDC, or social or corporate IdPs Cognito.
- Target Groups represent sets of backends to forward the traffic to for processing.
- Health checks verify that a target within a Target Group is ready to serve traffic.
- Rules allow selectively matching requests for forwarding to Target Groups, redirecting, requiring authentication or sending a static response.
- Conditions allow matching traffic meeting configured criteria:
Hostheader or request path.
Target groups can point at:
- EC2 instances, either manually or via Auto Scaling.
- IP addresses, either on AWS or external.
- Lambda functions
- ECS tasks
[ALB] Application Load Balancer [AWS] Amazon Web Services [AZ] Availability Zone [EC2]: Elastic Container Cloud