I am trying to write a CloudFormation template for an ALB, but got stuck on the point where I would like to redirect the ALB's HTTP listener's traffic to the HTTPS listener. Docs mention only forwarding/redirection to the target group.
I am aware that it is achievable using the web interface (AWS Console), which I want to avoid. Also handling it on the server is a no go for me.
Is this ALB's feature simply not implemented in CloudFormation, but exists in Console?
Classic Load Balancers can't redirect HTTP traffic to HTTPS by default. Instead, configure your rewrite rules for the web server instances behind the Classic Load Balancer. You must configure your rewrite rules to use the X-Forwarded-Proto header and redirect only HTTP clients.
Select a load balancer, and then choose HTTP Listener. Under Rules, choose View/edit rules. Choose Edit Rule to modify the existing default rule to redirect all HTTP requests to HTTPS. Or, insert a rule between the existing rules (if appropriate for your use case).
What you need to do is set up an HTTPS listener, an AWS IAM server certificate to attach to the listener, and an HTTP target group. You can then attach instances/servers that listen in HTTP to that target group. As Michael said, this is not a "redirect" but a "forward" rule to your target group.
On November 19, 2018 Amazon introduced the RedirectConfig for the Elastic Load Balancer Listener. This listener type is also used for the Application Load Balancer (ALB).
Below you find an example configuration for the usual HTTP to HTTPS redirect. Replace 'PublicLoadBalancerBackend' with your load balancer's CloudFormation object.
```yaml
PublicLoadBalancerHttpRedirectListener:
  Type: AWS::ElasticLoadBalancingV2::Listener
  DependsOn:
    - PublicLoadBalancerBackend
  Properties:
    DefaultActions:
      # Redirect every HTTP request to the same host, path and query over HTTPS
      - RedirectConfig:
          Host: "#{host}"
          Path: "/#{path}"
          Port: 443
          Protocol: "HTTPS"
          Query: "#{query}"
          StatusCode: HTTP_301
        Type: redirect
    LoadBalancerArn: !Ref 'PublicLoadBalancerBackend'
    Port: 80
    Protocol: HTTP
```
CloudFormation Documentation on the RedirectConfig: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-redirectconfig.html
CloudFormation Documentation on the Listener Action: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listener-defaultactions.html
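An added example, not part of the original answer: a small template check that flags any `AWS::ElasticLoadBalancingV2::Listener` on plain HTTP whose default action is not a redirect to HTTPS, so a listener like the one above can be enforced in CI. The sample template is constructed, written in CloudFormation's JSON form so it parses with the standard library, and the names `PlainListener` and `AppTargetGroup` are made up.

```python
import json

# Constructed sample template (CloudFormation JSON form); resource names are made up.
TEMPLATE = json.loads("""
{
  "Resources": {
    "RedirectListener": {
      "Type": "AWS::ElasticLoadBalancingV2::Listener",
      "Properties": {
        "Port": 80, "Protocol": "HTTP",
        "LoadBalancerArn": {"Ref": "PublicLoadBalancerBackend"},
        "DefaultActions": [{"Type": "redirect", "RedirectConfig":
          {"Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}]
      }
    },
    "PlainListener": {
      "Type": "AWS::ElasticLoadBalancingV2::Listener",
      "Properties": {
        "Port": 8080, "Protocol": "HTTP",
        "LoadBalancerArn": {"Ref": "PublicLoadBalancerBackend"},
        "DefaultActions": [{"Type": "forward", "TargetGroupArn": {"Ref": "AppTargetGroup"}}]
      }
    }
  }
}
""")

def redirects_to_https(action):
    """True only for a redirect whose target protocol is literally HTTPS."""
    cfg = action.get("RedirectConfig") or {}
    return (action.get("Type") == "redirect"
            and str(cfg.get("Protocol", "")).upper() == "HTTPS"  # "#{protocol}" would keep HTTP
            and cfg.get("StatusCode") in ("HTTP_301", "HTTP_302"))

def insecure_http_listeners(template):
    """Names of HTTP listeners that serve traffic instead of redirecting it.
    Only literal Protocol values are evaluated; intrinsics such as Ref are skipped."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::ElasticLoadBalancingV2::Listener":
            continue
        props = res.get("Properties", {})
        if str(props.get("Protocol", "")).upper() != "HTTP":
            continue
        if not any(redirects_to_https(a) for a in props.get("DefaultActions", [])):
            findings.append(name)
    return sorted(findings)

if __name__ == "__main__":
    for name in insecure_http_listeners(TEMPLATE):
        print(f"{name}: HTTP listener default action does not redirect to HTTPS")
```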
Looks like for now the only option is to write a custom resource to manage it. See: https://github.com/jheller/alb-rule for a solid example to either implement - or use as a base for your own implementation. (I have no affiliation with the above code - just found for my own need to do the exact same thing)