Greetings from AWS Premium Support !
Reading through the case description I understand that for controlling user session time by cookie session, you have configured SessionTimeout value less than By default value(7 days). But when Application Load Balancer session is open it keeps default value of 7 days and On reviewing ALB listener configuration, sessiontime of cookie is configured as 3600 sec. You would like to know about this different behavior.
On preliminary investigation, I need to check the ALB configuration but without ALB DNS name, I was unable to check. So I am providing you general information regarding your query, Please find below,
As per your words, It seems that cookie's 'Expires' parameter is showing 7 days even after the configuration is changed to 3600 Sec in the target group attributes.
I would like to inform you that this is an expected behavior for the ALB, the actual expiry timestamp is embedded within the cookie value. Thus, ALB will decode the value of the cookie to find the configured expiry and will not consider the expires parameter. The 'Expires' parameter is always set to 7 days no matter the configuration on the target group.
In case, if you still have queries regarding this, I would like to request you to reach out to the support team, with ALB DNS and region name, via Support console and we will investigate the same in detail.
Hope the information provided above is helpful.
Have a great day ahead.
need help about load balancerAccepted Answerasked 9 days ago
Application Load Balancer throws 503 in a post requestasked 2 months ago
AWS Load Balancer Controller deployment to force creation of application Load Balancer?asked 5 months ago
Traffic Mirror Session Support on Application Load Balancerasked 2 days ago
Unable to configure Application Load Balancer using Cognito client App which has no secretAccepted Answerasked a month ago
i have 1 instances and i am using application load balancerasked 8 days ago
Cognito (with google) + Application Load Balancer = 414 Request-URI Too Largeasked 5 months ago
Application Load Balancer and Cognito cookie session time (SessionTimeout) can't be adjusted - logout problemAccepted Answerasked 2 months ago
Cognito with Load Balancerasked 7 months ago
Logout from an ALB session that is authenticated by Cognitoasked 3 years ago