Modifying the Attributes of a Load Balancer

You can modify the following attributes of a load balancer:

The public IP associated (for an internet-facing load balancer only)
Security groups
Publication of access logs in an OUTSCALE Object Storage (OOS) bucket
Secure cookie setting
Connection draining setting
Idle connection setting

You can associate a public IP with an internet-facing load balancer through the OUTSCALE API only. For more information see the OSC CLI section below.

Modifying the Attributes of a Load Balancer Using Cockpit v2

Modifying the Public IP of an Internet-facing Load Balancer in the Public Cloud

In the Load Balancers dashboard, check the box of the load balancer you want to update.
The load balancer is selected.
Click Update.
The UPDATE LOAD BALANCER dialog box appears.
From the Public IP list, select the public IP you want to associate with the load balancer.

The former public IP is then dissociated.
Click Update.
The public IP of the load balancer is updated.

Modifying the Security Group of an Internal Load Balancer

In the Load Balancers dashboard, check the box of the load balancer you want to update.
The load balancer is selected.
Click Update.
The UPDATE LOAD BALANCER dialog box appears.
From the Security Group list, select:
1. Proceed with a default security group to select the default security group of the Net.
2. Select a security group to select a security group for the load balancer.
Click Update.
The security group of the load balancer is updated.

Modifying the Attributes of an Internet-facing Load Balancer Using OSC CLI

The UpdateLoadBalancer command modifies the specified attribute of a load balancer. You can specify only one attribute at a time.

You can set a new SSL certificate to an SSL or HTTPS listener of a load balancer.
This certificate replaces any certificate used on the same load balancer and port.

You can also replace the currently enabled policy for the load balancer with another one.
If the PolicyNames parameter is empty, the currently enabled policy is disabled.

Request sample: Updating health checks

$ osc-cli api UpdateLoadBalancer --profile "default" \
    --LoadBalancerName "private-lb-example" \
    --HealthCheck '{
        "HealthyThreshold": 10,
        "CheckInterval": 30,
        "Path": "/index.html",
        "Port": 8080,
        "Protocol": "HTTPS",
        "Timeout": 5,
        "UnhealthyThreshold": 5
      }'

Request sample: Updating access logs

$ osc-cli api UpdateLoadBalancer --profile "default" \
    --LoadBalancerName "private-lb-example" \
    --AccessLog '{
        "PublicationInterval": 5,
        "IsEnabled": True,
        "OsuBucketName": "BUCKET",
        "OsuBucketPrefix": "PREFIX"
      }'

Request sample: Updating policies

$ osc-cli api UpdateLoadBalancer --profile "default" \
    --LoadBalancerName "private-lb-example" \
    --LoadBalancerPort 443 \
    --PolicyNames '["example-browser-policy"]'

Request sample: Updating SSL certificate

$ osc-cli api UpdateLoadBalancer --profile "default" \
    --LoadBalancerName "private-lb-example" \
    --LoadBalancerPort 443 \
    --ServerCertificateId "orn:ows:idauth::012345678910:server-certificate/AnotherCertificate"

This command contains the following attributes that you need to specify:

AccessLog: (optional) Information about access logs.
- IsEnabled: (optional) If true, access logs are enabled for your load balancer. If false, they are not. If you set this to true in your request, the OsuBucketName parameter is required.
- OsuBucketName: (optional) The name of the OOS bucket for the access logs.
- OsuBucketPrefix: (optional) The path to the folder of the access logs in your OOS bucket (by default, the root level of your bucket).
- PublicationInterval: (optional) The time interval for the publication of access logs in the OOS bucket, in minutes. This value can be either 5 or 60 (by default, 60).
DryRun: (optional) If true, checks whether you have the required permissions to perform the action.
HealthCheck: (optional) Information about the health check configuration.
- CheckInterval: The number of seconds between two requests (between 5 and 600 both included).
- HealthyThreshold: The number of consecutive successful requests before considering the VM as healthy (between 2 and 10 both included).
- Path: (optional) If you use the HTTP or HTTPS protocols, the request URL path.
- Port: The port number (between 1 and 65535, both included).
- Protocol: The protocol for the URL of the VM (HTTP | HTTPS | TCP | SSL).
- Timeout: The maximum waiting time for a response before considering the VM as unhealthy, in seconds (between 2 and 60 both included).
- UnhealthyThreshold: The number of consecutive failed requests before considering the VM as unhealthy (between 2 and 10 both included).
LoadBalancerName: The name of the load balancer.
LoadBalancerPort: (optional) The port on which the load balancer is listening (between 1 and 65535, both included). This parameter is required if you want to update the server certificate.
PolicyNames: (optional) The name of the policy you want to enable for the listener.
PublicIp: (optional) (internet-facing only) The public IP you want to associate with the load balancer. The former public IP of the load balancer is then disassociated. If you specify an empty string and the former public IP belonged to you, it is disassociated and replaced by a public IP owned by 3DS OUTSCALE.
SecuredCookies: (optional) If true, secure cookies are enabled for the load balancer.
SecurityGroups: (optional) (Net only) One or more IDs of security groups you want to assign to the load balancer. You need to specify the already assigned security groups that you want to keep along with the new ones you are assigning. If the list is empty, the default security group of the Net is assigned to the load balancer.
ServerCertificateId: (optional) The OUTSCALE Resource Name (ORN) of the server certificate. For more information, see Resource Identifiers > OUTSCALE Resource Names (ORNs). If this parameter is specified, you must also specify the LoadBalancerPort parameter.

The UpdateLoadBalancer command returns the following elements:

LoadBalancer: Information about the load balancer.
- AccessLog: Information about access logs.
  - IsEnabled: If true, access logs are enabled for your load balancer. If false, they are not. If you set this to true in your request, the OsuBucketName parameter is required.
  - OsuBucketName: The name of the OOS bucket for the access logs.
  - OsuBucketPrefix: The path to the folder of the access logs in your OOS bucket (by default, the root level of your bucket).
  - PublicationInterval: The time interval for the publication of access logs in the OOS bucket, in minutes. This value can be either 5 or 60 (by default, 60).
- ApplicationStickyCookiePolicies: The stickiness policies defined for the load balancer.
  - CookieName: The name of the application cookie used for stickiness.
  - PolicyName: The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.
- BackendIps: One or more public IPs of backend VMs.
- BackendVmIds: One or more IDs of backend VMs for the load balancer.
- DnsName: The DNS name of the load balancer.
- HealthCheck: Information about the health check configuration.
  - CheckInterval: The number of seconds between two requests (between 5 and 600 both included).
  - HealthyThreshold: The number of consecutive successful requests before considering the VM as healthy (between 2 and 10 both included).
  - Path: If you use the HTTP or HTTPS protocols, the request URL path.
  - Port: The port number (between 1 and 65535, both included).
  - Protocol: The protocol for the URL of the VM (HTTP | HTTPS | TCP | SSL).
  - Timeout: The maximum waiting time for a response before considering the VM as unhealthy, in seconds (between 2 and 60 both included).
  - UnhealthyThreshold: The number of consecutive failed requests before considering the VM as unhealthy (between 2 and 10 both included).
- Listeners: The listeners for the load balancer.
  - BackendPort: The port on which the backend VM is listening (between 1 and 65535, both included).
  - BackendProtocol: The protocol for routing traffic to backend VMs (HTTP | HTTPS | TCP | SSL).
  - LoadBalancerPort: The port on which the load balancer is listening (between 1 and 65535, both included).
  - LoadBalancerProtocol: The routing protocol (HTTP | HTTPS | TCP | SSL).
  - PolicyNames: The names of the policies. If there are no policies enabled, the list is empty.
  - ServerCertificateId: The OUTSCALE Resource Name (ORN) of the server certificate. For more information, see Resource Identifiers > OUTSCALE Resource Names (ORNs).
- LoadBalancerName: The name of the load balancer.
- LoadBalancerStickyCookiePolicies: The policies defined for the load balancer.
  - CookieExpirationPeriod: The time period, in seconds, after which the cookie should be considered stale.
    If 1, the stickiness session lasts for the duration of the browser session.
  - PolicyName: The name of the stickiness policy.
- LoadBalancerType: The type of load balancer. Valid only for load balancers in a Net.
  If LoadBalancerType is internet-facing, the load balancer has a public DNS name that resolves to a public IP.
  If LoadBalancerType is internal, the load balancer has a public DNS name that resolves to a private IP.
- NetId: The ID of the Net for the load balancer.
- PublicIp: (internet-facing only) The public IP associated with the load balancer.
- SecuredCookies: Whether secure cookies are enabled for the load balancer.
- SecurityGroups: One or more IDs of security groups for the load balancers. Valid only for load balancers in a Net.
- SourceSecurityGroup: Information about the source security group of the load balancer, which you can use as part of your inbound rules for your registered VMs.
  To only allow traffic from load balancers, add a security group rule that specifies this source security group as the inbound source.
  - SecurityGroupAccountId: The account ID of the owner of the security group.
  - SecurityGroupName: The name of the security group.
- Subnets: The ID of the Subnet in which the load balancer was created.
- SubregionNames: The ID of the Subregion in which the load balancer was created.
- Tags: One or more tags associated with the load balancer.
  - Key: The key of the tag, with a minimum of 1 character.
  - Value: The value of the tag, between 0 and 255 characters.
ResponseContext: Information about the context of the response.
- RequestId: The ID of the request.

Result sample: Updating health checks

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "security-group-example",
      "SecurityGroupAccountId": "123456789012"
    },
    "SecuredCookies": false,
    "PublicIp": "192.0.2.0",
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 60,
      "IsEnabled": false
    },
    "DnsName": "private-lb-example.123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 5,
      "Timeout": 5,
      "CheckInterval": 30,
      "Path": "/index.html",
      "Protocol": "HTTPS",
      "HealthyThreshold": 10,
      "Port": 8080
    },
    "LoadBalancerStickyCookiePolicies": [],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "ServerCertificateId": "orn:ows:idauth::012345678910:server-certificate/Certificate",
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 443,
        "LoadBalancerProtocol": "HTTPS"
      }
    ],
    "LoadBalancerName": "private-lb-example"
  }
}

Result sample: Updating access logs

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "security-group-example",
      "SecurityGroupAccountId": "123456789012"
    },
    "SecuredCookies": false,
    "PublicIp": "192.0.2.0",
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 5,
      "OsuBucketPrefix": "PREFIX",
      "OsuBucketName": "BUCKET",
      "IsEnabled": true
    },
    "DnsName": "private-lb-example.123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 2,
      "Timeout": 5,
      "CheckInterval": 30,
      "Protocol": "TCP",
      "HealthyThreshold": 10,
      "Port": 80
    },
    "LoadBalancerStickyCookiePolicies": [],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "ServerCertificateId": "orn:ows:idauth::012345678910:server-certificate/Certificate",
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 443,
        "LoadBalancerProtocol": "HTTPS"
      }
    ],
    "LoadBalancerName": "private-lb-example"
  }
}

Result sample: Updating policies

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "security-group-example",
      "SecurityGroupAccountId": "123456789012"
    },
    "SecuredCookies": false,
    "PublicIp": "192.0.2.0",
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 60,
      "IsEnabled": false
    },
    "DnsName": "private-lb-example.123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 2,
      "Timeout": 5,
      "CheckInterval": 30,
      "Protocol": "TCP",
      "HealthyThreshold": 10,
      "Port": 80
    },
    "LoadBalancerStickyCookiePolicies": [
      {
        "PolicyName": "example-browser-policy",
        "CookieExpirationPeriod": 1
      }
    ],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "ServerCertificateId": "orn:ows:idauth::012345678910:server-certificate/Certificate",
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 443,
        "LoadBalancerProtocol": "HTTPS"
      }
    ],
    "LoadBalancerName": "private-lb-example"
  }
}

Result sample: Updating SSL certificate

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "security-group-example",
      "SecurityGroupAccountId": "123456789012"
    },
    "SecuredCookies": false,
    "PublicIp": "192.0.2.0",
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 60,
      "IsEnabled": false
    },
    "DnsName": "private-lb-example.123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 2,
      "Timeout": 5,
      "CheckInterval": 30,
      "Protocol": "TCP",
      "HealthyThreshold": 10,
      "Port": 80
    },
    "LoadBalancerStickyCookiePolicies": [],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "ServerCertificateId": "orn:ows:idauth::012345678910:server-certificate/AnotherCertificate",
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 443,
        "LoadBalancerProtocol": "HTTPS"
      }
    ],
    "LoadBalancerName": "private-lb-example"
  }
}

Modifying the Attributes of an Internet-facing Load Balancer Using oapi-cli

The UpdateLoadBalancer command modifies the specified attribute of a load balancer. You can specify only one attribute at a time.

You can set a new SSL certificate to an SSL or HTTPS listener of a load balancer.
This certificate replaces any certificate used on the same load balancer and port.

You can also replace the currently enabled policy for the load balancer with another one.
If the PolicyNames parameter is empty, the currently enabled policy is disabled.

Request sample: Updating health checks

$ oapi-cli --profile "default" UpdateLoadBalancer \
    --LoadBalancerName "private-lb-example" \
    --HealthCheck '{
        "HealthyThreshold": 10,
        "CheckInterval": 30,
        "Path": "/index.html",
        "Port": 8080,
        "Protocol": "HTTPS",
        "Timeout": 5,
        "UnhealthyThreshold": 5
      }'

Request sample: Updating access logs

$ oapi-cli --profile "default" UpdateLoadBalancer \
    --LoadBalancerName "private-lb-example" \
    --AccessLog '{
        "PublicationInterval": 5,
        "IsEnabled": True,
        "OsuBucketName": "BUCKET",
        "OsuBucketPrefix": "PREFIX"
      }'

Request sample: Updating policies

$ oapi-cli --profile "default" UpdateLoadBalancer \
    --LoadBalancerName "private-lb-example" \
    --LoadBalancerPort 443 \
    --PolicyNames '["example-browser-policy"]'

Request sample: Updating SSL certificate

$ oapi-cli --profile "default" UpdateLoadBalancer \
    --LoadBalancerName "private-lb-example" \
    --LoadBalancerPort 443 \
    --ServerCertificateId "orn:ows:idauth::012345678910:server-certificate/AnotherCertificate"

This command contains the following attributes that you need to specify:

AccessLog: (optional) Information about access logs.
- IsEnabled: (optional) If true, access logs are enabled for your load balancer. If false, they are not. If you set this to true in your request, the OsuBucketName parameter is required.
- OsuBucketName: (optional) The name of the OOS bucket for the access logs.
- OsuBucketPrefix: (optional) The path to the folder of the access logs in your OOS bucket (by default, the root level of your bucket).
- PublicationInterval: (optional) The time interval for the publication of access logs in the OOS bucket, in minutes. This value can be either 5 or 60 (by default, 60).
DryRun: (optional) If true, checks whether you have the required permissions to perform the action.
HealthCheck: (optional) Information about the health check configuration.
- CheckInterval: The number of seconds between two requests (between 5 and 600 both included).
- HealthyThreshold: The number of consecutive successful requests before considering the VM as healthy (between 2 and 10 both included).
- Path: (optional) If you use the HTTP or HTTPS protocols, the request URL path.
- Port: The port number (between 1 and 65535, both included).
- Protocol: The protocol for the URL of the VM (HTTP | HTTPS | TCP | SSL).
- Timeout: The maximum waiting time for a response before considering the VM as unhealthy, in seconds (between 2 and 60 both included).
- UnhealthyThreshold: The number of consecutive failed requests before considering the VM as unhealthy (between 2 and 10 both included).
LoadBalancerName: The name of the load balancer.
LoadBalancerPort: (optional) The port on which the load balancer is listening (between 1 and 65535, both included). This parameter is required if you want to update the server certificate.
PolicyNames: (optional) The name of the policy you want to enable for the listener.
PublicIp: (optional) (internet-facing only) The public IP you want to associate with the load balancer. The former public IP of the load balancer is then disassociated. If you specify an empty string and the former public IP belonged to you, it is disassociated and replaced by a public IP owned by 3DS OUTSCALE.
SecuredCookies: (optional) If true, secure cookies are enabled for the load balancer.
SecurityGroups: (optional) (Net only) One or more IDs of security groups you want to assign to the load balancer. You need to specify the already assigned security groups that you want to keep along with the new ones you are assigning. If the list is empty, the default security group of the Net is assigned to the load balancer.
ServerCertificateId: (optional) The OUTSCALE Resource Name (ORN) of the server certificate. For more information, see Resource Identifiers > OUTSCALE Resource Names (ORNs). If this parameter is specified, you must also specify the LoadBalancerPort parameter.

The UpdateLoadBalancer command returns the following elements:

LoadBalancer: Information about the load balancer.
- AccessLog: Information about access logs.
  - IsEnabled: If true, access logs are enabled for your load balancer. If false, they are not. If you set this to true in your request, the OsuBucketName parameter is required.
  - OsuBucketName: The name of the OOS bucket for the access logs.
  - OsuBucketPrefix: The path to the folder of the access logs in your OOS bucket (by default, the root level of your bucket).
  - PublicationInterval: The time interval for the publication of access logs in the OOS bucket, in minutes. This value can be either 5 or 60 (by default, 60).
- ApplicationStickyCookiePolicies: The stickiness policies defined for the load balancer.
  - CookieName: The name of the application cookie used for stickiness.
  - PolicyName: The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.
- BackendIps: One or more public IPs of backend VMs.
- BackendVmIds: One or more IDs of backend VMs for the load balancer.
- DnsName: The DNS name of the load balancer.
- HealthCheck: Information about the health check configuration.
  - CheckInterval: The number of seconds between two requests (between 5 and 600 both included).
  - HealthyThreshold: The number of consecutive successful requests before considering the VM as healthy (between 2 and 10 both included).
  - Path: If you use the HTTP or HTTPS protocols, the request URL path.
  - Port: The port number (between 1 and 65535, both included).
  - Protocol: The protocol for the URL of the VM (HTTP | HTTPS | TCP | SSL).
  - Timeout: The maximum waiting time for a response before considering the VM as unhealthy, in seconds (between 2 and 60 both included).
  - UnhealthyThreshold: The number of consecutive failed requests before considering the VM as unhealthy (between 2 and 10 both included).
- Listeners: The listeners for the load balancer.
  - BackendPort: The port on which the backend VM is listening (between 1 and 65535, both included).
  - BackendProtocol: The protocol for routing traffic to backend VMs (HTTP | HTTPS | TCP | SSL).
  - LoadBalancerPort: The port on which the load balancer is listening (between 1 and 65535, both included).
  - LoadBalancerProtocol: The routing protocol (HTTP | HTTPS | TCP | SSL).
  - PolicyNames: The names of the policies. If there are no policies enabled, the list is empty.
  - ServerCertificateId: The OUTSCALE Resource Name (ORN) of the server certificate. For more information, see Resource Identifiers > OUTSCALE Resource Names (ORNs).
- LoadBalancerName: The name of the load balancer.
- LoadBalancerStickyCookiePolicies: The policies defined for the load balancer.
  - CookieExpirationPeriod: The time period, in seconds, after which the cookie should be considered stale.
    If 1, the stickiness session lasts for the duration of the browser session.
  - PolicyName: The name of the stickiness policy.
- LoadBalancerType: The type of load balancer. Valid only for load balancers in a Net.
  If LoadBalancerType is internet-facing, the load balancer has a public DNS name that resolves to a public IP.
  If LoadBalancerType is internal, the load balancer has a public DNS name that resolves to a private IP.
- NetId: The ID of the Net for the load balancer.
- PublicIp: (internet-facing only) The public IP associated with the load balancer.
- SecuredCookies: Whether secure cookies are enabled for the load balancer.
- SecurityGroups: One or more IDs of security groups for the load balancers. Valid only for load balancers in a Net.
- SourceSecurityGroup: Information about the source security group of the load balancer, which you can use as part of your inbound rules for your registered VMs.
  To only allow traffic from load balancers, add a security group rule that specifies this source security group as the inbound source.
  - SecurityGroupAccountId: The account ID of the owner of the security group.
  - SecurityGroupName: The name of the security group.
- Subnets: The ID of the Subnet in which the load balancer was created.
- SubregionNames: The ID of the Subregion in which the load balancer was created.
- Tags: One or more tags associated with the load balancer.
  - Key: The key of the tag, with a minimum of 1 character.
  - Value: The value of the tag, between 0 and 255 characters.
ResponseContext: Information about the context of the response.
- RequestId: The ID of the request.

Result sample: Updating health checks

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "security-group-example",
      "SecurityGroupAccountId": "123456789012"
    },
    "SecuredCookies": false,
    "PublicIp": "192.0.2.0",
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 60,
      "IsEnabled": false
    },
    "DnsName": "private-lb-example.123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 5,
      "Timeout": 5,
      "CheckInterval": 30,
      "Path": "/index.html",
      "Protocol": "HTTPS",
      "HealthyThreshold": 10,
      "Port": 8080
    },
    "LoadBalancerStickyCookiePolicies": [],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "ServerCertificateId": "orn:ows:idauth::012345678910:server-certificate/Certificate",
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 443,
        "LoadBalancerProtocol": "HTTPS"
      }
    ],
    "LoadBalancerName": "private-lb-example"
  }
}

Result sample: Updating access logs

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "security-group-example",
      "SecurityGroupAccountId": "123456789012"
    },
    "SecuredCookies": false,
    "PublicIp": "192.0.2.0",
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 5,
      "OsuBucketPrefix": "PREFIX",
      "OsuBucketName": "BUCKET",
      "IsEnabled": true
    },
    "DnsName": "private-lb-example.123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 2,
      "Timeout": 5,
      "CheckInterval": 30,
      "Protocol": "TCP",
      "HealthyThreshold": 10,
      "Port": 80
    },
    "LoadBalancerStickyCookiePolicies": [],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "ServerCertificateId": "orn:ows:idauth::012345678910:server-certificate/Certificate",
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 443,
        "LoadBalancerProtocol": "HTTPS"
      }
    ],
    "LoadBalancerName": "private-lb-example"
  }
}

Result sample: Updating policies

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "security-group-example",
      "SecurityGroupAccountId": "123456789012"
    },
    "SecuredCookies": false,
    "PublicIp": "192.0.2.0",
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 60,
      "IsEnabled": false
    },
    "DnsName": "private-lb-example.123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 2,
      "Timeout": 5,
      "CheckInterval": 30,
      "Protocol": "TCP",
      "HealthyThreshold": 10,
      "Port": 80
    },
    "LoadBalancerStickyCookiePolicies": [
      {
        "PolicyName": "example-browser-policy",
        "CookieExpirationPeriod": 1
      }
    ],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "ServerCertificateId": "orn:ows:idauth::012345678910:server-certificate/Certificate",
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 443,
        "LoadBalancerProtocol": "HTTPS"
      }
    ],
    "LoadBalancerName": "private-lb-example"
  }
}

Result sample: Updating SSL certificate

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "security-group-example",
      "SecurityGroupAccountId": "123456789012"
    },
    "SecuredCookies": false,
    "PublicIp": "192.0.2.0",
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 60,
      "IsEnabled": false
    },
    "DnsName": "private-lb-example.123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 2,
      "Timeout": 5,
      "CheckInterval": 30,
      "Protocol": "TCP",
      "HealthyThreshold": 10,
      "Port": 80
    },
    "LoadBalancerStickyCookiePolicies": [],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "ServerCertificateId": "orn:ows:idauth::012345678910:server-certificate/AnotherCertificate",
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 443,
        "LoadBalancerProtocol": "HTTPS"
      }
    ],
    "LoadBalancerName": "private-lb-example"
  }
}

Modifying the Attributes of a Load Balancer Using AWS CLI

Before you begin: Install and configure AWS CLI. For more information, see Installing and Configuring AWS CLI.

To modify the attributes of your load balancers, use the modify-load-balancer-attributes command following this syntax:

Request sample

$ aws elb modify-load-balancer-attributes \
    --profile YOUR_PROFILE \
    --load-balancer-name LOAD_BALANCER_NAME \
    --load-balancer-attributes "{ \
                                 \"AccessLog\": \
                                             { \
                                              \"Enabled\": true, \
                                              \"S3BucketName\": \"BUCKET_NAME\", \
                                              \"EmitInterval\": 60, \
                                              \"S3BucketPrefix\": \"BUCKET_PREFIX\" \
                                             }, \
                                \"AdditionalAttributes\": \
                                            { \
                                             \"Key\": \"SecuredCookies\", \
                                             \"Value\": \"true\" \
                                            }, \
                                \"ConnectionDraining\": \
                                            { \
                                             \"Enabled\": true, \
                                             \"Timeout\": 20 \
                                            }, \
                                \"ConnectionSettings\": \
                                            { \
                                             \"IdleTimeout\": 60 \
                                            } \
                               }" \
    --endpoint https://lbu.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

(optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.
load-balancer-name: The name of the load balancer whose attributes you want to modify.
load-balancer-attributes: The attributes of the load balancer you want to modify. The following attributes are available:
- (optional) AccessLog: Information about the publication of the access logs. This element contains the following attributes that you need to specify:
  - Enabled: If true, access logs are enabled for the specified load balancer. If false, they are not.
    
    If you enable access logs, you must specify the S3BucketName attribute below.
  - (optional) S3BucketName: The name of the OOS bucket in which to publish the access logs. For more information, see About OOS.
  - (optional) EmitInterval: The time interval for the publication of access logs in the OOS bucket, in minutes. This value can be either 5 or 60 (by default, 60).
  - (optional) S3BucketPrefix: The path to the folder in your OOS bucket in which to publish the access logs (by default, the root level of your bucket).
- (optional) ConnectionDraining: Information about the draining of the connections to unhealthy or deregistered instances.
  - Enabled: If true, connection draining is enabled for your load balancer. In this case, existing requests are completed before the connections are closed. If false, it is not (by default, false).
  - (optional) Timeout: The maximum time that the load balancer keeps the existing connections open before deregistering instances, in seconds (by default, 20).
- (optional) ConnectionSettings: Information about idle connections.
  - IdleTimeout: The amount of time, in seconds, that the connection is allowed to be idle (meaning no data is sent over), before it is closed by the load balancer. By default, set to 30 for the frontend connection and 60 for the backend connection of your load balancer.
    
    If you set a new duration, the same value is applied to both frontend and backend connections.
- (optional) AdditionalAttributes: Information about additional load balancer attributes, for example secure cookies.
  - Key: The name of the attribute. You can configure secure cookies on your load balancer with SecuredCookies.
  - Value: The value of the attribute. If the Key is SecuredCookies, set the Value to true to enable secure cookies and false to disable them.
endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The modify-load-balancer-attributes command returns the following elements:

LoadBalancerName: The name of the load balancer.
LoadBalancerAttributes: Information about the load balancer you modified. This element contains the following information:
- AccessLog: Information about the publication of access logs. This element contains the following information:
  - Enabled: If true, access logs are enabled for the specified load balancer. If false, they are not.
  - S3BucketName: The name of the OOS bucket in which the access logs are published. For more information, see About OOS.
  - EmitInterval: The time interval for the publication of access logs in the OOS bucket, in minutes. This value can be either 5 or 60 (by default, 60).
  - S3BucketPrefix: The path to the folder in your OOS bucket in which the access logs are published (by default, the root level of your bucket).
- ConnectionDraining: Information about the draining of the connections. This element contains the following information:
  - Enabled: If true, connection draining is enabled for your load balancer. If false, it is not.
  - Timeout: The time that the load balancer keeps the existing connections open before deregistering instances, in seconds.
- ConnectionSettings: Information about idle connections. This element contains the following information:
  - IdleTimeout: The time that the connection is allowed to be idle before it is closed by the load balancer.
- AdditionalAttributes: Information about additional load balancer attributes. This element contains the following information:
  - Key: The name of the attribute, for example secured_cookies.
  - Value: The value of the attribute. If the Key is secured_cookies and the Value is true, secure cookies are enabled. If false, they are not.

Result sample

{
    "LoadBalancerName": LOAD_BALANCER_NAME,
    "LoadBalancerAttributes": {
        "AccessLog": {
            "Enabled": true,
            "S3BucketName": "BUCKET_NAME",
            "EmitInterval": 60,
            "S3BucketPrefix": "BUCKET_PREFIX"
        },
        "AdditionalAttributes": {
            "member": {
                "Key": "secured_cookies",
                "Value": "true"
            }
        },
        "ConnectionDraining": {
            "Enabled": true,
            "Timeout": 20
        },
        "ConnectionSettings": {
            "IdleTimeout": 60
        }
    }
}

The attributes of the specified load balancer are modified.

After you disable access logs, the existing log files remain in the OOS bucket until you delete them. For more information, see Removing Objects from a Bucket.

Related Pages

Corresponding API Method

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.