By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Configuring Elastic Load Balancer IdleTimeout with Cloud Formation

0

The maximum configurable idle timeout for ELBv2 application load balancer is 4000 seconds. Why is the limit only 3600 seconds when configuring the same value via CloudFormation?

https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#connection-idle-timeout https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-connectionsettings.html

Are there any suitable workarounds? I am using elastic beanstalk. I can manually adjust the timeout, but if the environment is redeployed, my load balancer may get reset due to configs in my .ebextensions directory.

Topics
ComputeManagement & GovernanceNetworking & Content Delivery
Tags
AWS Elastic BeanstalkAWS CloudFormationNetworking & Content DeliveryElastic Load BalancingApplication Load Balancer
Language
English
Greg S
asked 10 months ago692 views
1 Answer
1

You are absolutely right. UI allows 4000 seconds to Maximum Idle time out limit where as cloudformation gives 3600 seconds as Maximum Idle timeout. This is the case only for AWS::ElasticLoadBalancing::LoadBalancer, but not for AWS::ElasticLoadBalancingV2::LoadBalancer

I'd encourage you to use AWS::ElasticLoadBalancingV2::LoadBalancer, where you can use idle_timeout.timeout_seconds attribute and max allowed value is 4000 seconds.

Refer this AWS::ElasticLoadBalancingV2::LoadBalancer documentation.

here is the sample cloudformation yml for your quick reference:

  ApplicationLoadBalancer:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Scheme: public-facing
      Subnets:
      - !Ref PublicSubnet1
      - !Ref PublicSubnet2
      SecurityGroups:
        - !GetAtt ELBSecurityGroup.GroupId
      LoadBalancerAttributes: 
        -
          Key: "idle_timeout.timeout_seconds"
          Value: "4000"

Feel free to comment here if you have additional question.

Hope you find this useful.

Abhishek

profile pictureAWS
EXPERT
secondabhi_aws
answered 10 months ago
  • Greg S
    10 months ago

    Thanks Abhishek. I am using elastic beanstalk with an ELBv2. With this config in my .ebextensions, I receive the error Invalid option value: '4000' (Namespace: 'aws:elbv2:loadbalancer', OptionName: 'IdleTimeout'): Value exceeds maximum allowed value: 3600 . Perhaps the v1 API and v2 API rules are confused somewhere in the validation for the request. I think elastic beanstalk uses cloudformation under the hood, though I have not tried to allocate the ALB directly using the cloudformation API. In any case, based on what you mentioned, it looks like a bug in Elastic Beanstalk.

    Resources:
  AWSEBV2LoadBalancer:
    Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer'
    Properties:
      LoadBalancerAttributes:
      - Key: 'idle_timeout.timeout_seconds'
        Value: 4000
  • secondabhi_aws EXPERT
    10 months ago

    I can say for sure, it works fine when I deploy directly through cloudformation. I can confirm on that as I did deploy one ALB through CF, before answering to your question. One thing, which I noticed in your example, Value: 4000, Value must be String type so please provide the value as I showed in my example Value: "4000". It'd work. Let me know how that goes, happy to talk further. Completely optional, you can approve my answer if it helps.

  • secondabhi_aws EXPERT
    10 months ago

    Provide Value: "4000" instead of Value: 4000, since it expects string value.

  • Greg S
    10 months ago

    Thanks again for taking another look! Unfortunately, using a string rather than a number didn't help. I confirmed what you said, using the CF API directly allows 4000, just not through elastic beanstalk for whatever reason. Particularly since the elbv2 parameter is not called IdleTimeout but rather LoadBalancerAttributes[idle_timeout.timeout_seconds] I have a strong suspicion this is a bug in their validation layer.

    Also, I checked my AWS console and found that I can adjust an elb "classic" load balancer timeout to 4000, which is surprising since CF's documentation says not to go over 3600 for ELBv1.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content