Application Load Balancer (ALB) provides basic, standard, and Web Application Firewall (WAF)-enabled instances. This topic describes the features supported by different editions.
The performance of an ALB instance is consistent across different editions. Refer to Performance metrics for more information about ALB performance.
ALB instances are differentiated between upgraded and non-upgraded versions. Upgraded ALB instances support security groups, while non-upgraded ones do not. To use security groups with ALB, create new ALB instances, which are inherently the upgraded version, or contact your account manager to upgrade your existing non-upgraded ALB.
Basic and standard ALB instances can be upgraded to the WAF-enabled edition.
Feature | Basic | Standard | WAF-enabled |
Listener protocol | |||
QUIC | Supported | Supported | Supported |
HTTP/2 | Supported | Supported | Supported |
HTTP/3 | Supported | Supported | Supported |
WebSocket | Supported | Supported | Supported |
Forwarding rule | |||
Distributing traffic based on domain names or URLs | Supported | Supported | Supported |
Distributing traffic based on HTTP headers | Supported | Supported | Supported |
Distributing traffic based on query strings | Not supported | Supported | Supported |
Distributing traffic based on cookies | Not supported | Supported | Supported |
Distributing traffic based on HTTP request methods | Not supported | Supported | Supported |
Distributing traffic based on source IP addresses | Not supported | Supported | Supported |
Distributing traffic based on response status codes | Not supported | Supported | Supported |
Distributing traffic based on response headers | Not supported | Supported | Supported |
Forwarding | Supported | Supported | Supported |
Redirecting | Supported | Supported | Supported |
Rewriting requests or returning custom responses | Not supported | Supported | Supported |
Adding or removing headers | Not supported | Supported | Supported |
Traffic mirroring | Not supported | Supported | Supported |
QPS throttling | Not supported | Supported | Supported |
Cross-origin resource sharing (CORS) | Not supported | Supported | Supported |
AScript | Not supported | Supported | Supported |
Server group type | |||
Server, IP, and Function Compute | Supported | Supported | Supported |
Security | |||
Access control lists (ACLs) | Supported | Supported | Supported |
Security groups | Supported | Supported | Supported |
TLS cipher suites | Supported | Supported | Supported |
Server Name Indication (SNI) for multiple certificates | Supported | Supported | Supported |
Rivest-Shamir-Adleman (RSA) and elliptic-curve cryptography (ECC) certificates | Supported | Supported | Supported |
ECC certificates | Supported | Supported | Supported |
End-to-end data transfer over HTTPS | Not supported | Supported | Supported |
Mutual authentication | Not supported | Supported | Supported |
Custom TLS security policies | Not supported | Supported | Supported |
TLS 1.3 | Supported | Supported | Supported |
Monitoring | |||
Access logs | Supported | Supported | Supported |
Monitoring metrics | Supported | Supported | Supported |
Tracing analysis | Not supported | Supported | Supported |
Advanced feature | |||
Identifying the IP address of a client | Not supported | Supported | Supported |
WAF | Not supported | Not supported | Supported |
Global Accelerator | Supported | Supported | Supported |
Session persistence | Supported | Supported | Supported |
Persistent connections | Supported | Supported | Supported |
Slow start | Not supported | Supported | Supported |
Connection draining | Not supported | Supported | Supported |
Disable cross-zone load balancing | Not supported | Supported | Supported |