No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Having issue with creating an AWS network listener for NLB. I want to redirect TCP traffic to secure TCP (TLS). According to aws documentation (<https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-listeners.html>), listeners support the following protocols: TCP, TLS, UDP, and TCP_UDP. My goal is to terminate the SSL at the NLB. Not sure if that is even possible?

The following code is producing an error:

```
const nlb = new awsx.elasticloadbalancingv2.NetworkLoadBalancer(`network-lb`, {
    vpc,
    external: true
  });  
const tg = nlb.createTargetGroup(`tg`, {
    port: 80,
    protocol: "TCP",
  });
const tlsListener = tg.createListener(`tls-listener`, {
    vpc,
    loadBalancer: nlb,
    port: 443,
    protocol: 'TLS',
    certificateArn,
  });
const tcpListener = tg.createListener(`listener`, {
    vpc,
    loadBalancer: nlb,
    port: 80,
    protocol: "TCP",
    defaultAction: {
      type: "redirect",
      redirect: {
        protocol: "TLS",
        port: "443",
        statusCode: "HTTP_301",
      },
    },
  });
```

```Diagnostics:
  aws:lb:Listener (listener):
    error: aws:lb/listener:Listener resource 'listener' has a problem: expected default_action.0.redirect.0.protocol to be one of [#{protocol} HTTP HTTPS], got TLS```

Is there any issues with my code?
thanks