Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Invalid request provided: AWS::ElasticLoadBalancingV2::ListenerRule Validation exception

I need to create just a TargetGroup and ListenerRule with the CloudFormation but i received error.

My CloudFormation:

TargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      Name: !Sub ${StackName}-alb
      VpcId: !Ref VpcId
      Port: !Ref ContainerPort
      Protocol: HTTP
      Matcher:
        HttpCode: 200
      HealthCheckIntervalSeconds: 10
      HealthCheckPath: !Ref HealthCheckPath
      HealthCheckProtocol: HTTP
      HealthCheckTimeoutSeconds: 5
      HealthyThresholdCount: 2
      TargetType: ip
      TargetGroupAttributes:
        - Key: deregistration_delay.timeout_seconds
          Value: 30

  ListenerRule:
    Type: AWS::ElasticLoadBalancingV2::ListenerRule
    DependsOn: 
      - TargetGroup
    Properties:
      Actions:
        - Type: forward
          TargetGroupArn: !Ref TargetGroup
      Conditions:
        - Field: host-header
          Values:
            - "www.mydominian.*"
      ListenerArn: !Ref ListenerArn
      Priority: 164

Invalid request provided

So, the error is the image

like image 465
Igor Pedroso Guimaraes Avatar asked Jun 11 '26 22:06

Igor Pedroso Guimaraes


2 Answers

It's just missing the HostHeaderConfig in the Conditions section. Update it to the following:

Conditions:
  - Field: host-header
    HostHeaderConfig:
      Values:
        - "www.mydominian.*"

When you define Field, you'll need to use the correct Config section. Unfortunately, it's not smart enough to know which one to apply your pattern to.

For example, if you were using path-based routing it would look like this:

Conditions: 
  - Field: path-pattern
    PathPatternConfig:
      Values:
        - "/api/micro-service-1/*"
like image 59
Eric Wilson Avatar answered Jun 14 '26 19:06

Eric Wilson


CloudFormation will also throw this "Invalid request provided" error if the permissions of the deploying user are incorrect.

We had to add an elasticloadbalancing:CreateRule Action, and supply the correct ARN conditions for the listener as well as a listener-rule wildcard in the Resource collection of the policy.

{
    "Effect": "Allow",
    "Action": [
        "elasticloadbalancing:CreateRule"
    ],
    "Resource": [
        "arn:aws:elasticloadbalancing:<region>:<account-id>:listener/app/<lb name>/<lb-id>/<listener-id>",
        "arn:aws:elasticloadbalancing:<region>:<account-id>:listener-rule/app/<lb name>/<lb-id>/<listener-id>/*"
    ]
}

Hope this helps someone else.

like image 38
Mike Smith Avatar answered Jun 14 '26 17:06

Mike Smith



Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!