Create a listener for your Network Load Balancer – Elastic Load Balancing

Create a listener for your Network Load Balancer

A listener is a process that checks for connection requests. You define a listener
when you create your load balancer, and you can add listeners to your load balancer at
any time.

Prerequisites

  • You must specify a target group for the listener rule. For more
    information, see Create a target group for your Network Load Balancer.

  • You must specify an SSL certificate for a TLS listener. The load balancer
    uses the certificate to terminate the connection and decrypt requests from
    clients before routing them to targets. For more information, see Server certificates.

Add a listener

You configure a listener with a protocol and a port for connections from clients
to the load balancer, and a target group for the default listener rule. For more
information, see Listener configuration.

To add a listener using the console
  1. Open the Amazon EC2 console at
    https://console.aws.amazon.com/ec2/.

  2. In the navigation pane, choose Load Balancers.

  3. Select the name of the load balancer to open its details page.

  4. On the Listeners tab, choose Add listener.

  5. For Protocol, choose TCP,
    UDP, TCP_UDP, or
    TLS. Keep the default port or type a different
    port. For dualstack Network Load Balancers, only the TCP and TLS protocols are supported.

  6. For Default action, choose an available target group.

  7. [TLS listeners] For Security policy, we recommend
    that you keep the default security policy.

  8. [TLS listeners] For Default SSL certificate, do one
    of the following:

    • If you created or imported a certificate using AWS Certificate Manager, choose
      From ACM and choose the
      certificate.

    • If you uploaded a certificate using IAM, choose From
      IAM
      and choose the certificate.

  9. [TLS listeners] For ALPN policy, choose a policy to
    enable ALPN or choose None to disable ALPN. For more
    information, see ALPN policies.

  10. Choose Add.

  11. [TLS listeners] To add an optional certificate list for use with the SNI
    protocol, see Add certificates to the certificate list.

To add a listener using the AWS CLI

Use the create-listener command to create the listener.