Elastic Beanstalk Change ELB Type

Question

Does anyone know if it's possible to change an existing AWS Elastic Beanstalk environment to an Application Load Balancer (instead of a classic one).

As far as I know only Application ELB's can be protected with AWS WAF and DDOS "Shield" so any existing EB app can't take advantage of these features since they have classic ELB's.

Answer 1

It is not possible to change the load balancer type for an existing environment but I have used the following process to create a cloned environment with an application load balancer (instead of classic).

1. In the console, save configuration of the original env.
2. In terminal, eb config get [save name], you will get a file in .elasticbeanstalk\saved_configs .
3. Edit the file to add

OptionSettings: aws:elasticbeanstalk:environment: LoadBalancerType: application

and remove (if you have those):

aws:elb:loadbalancer: CrossZone: true aws:elb:policies: ConnectionDrainingEnabled: true aws:elb:listener:443: [whatever]

You can use this opportunity to do other changes, such as upgrade PlatformArn

4. Save modified config as [new save name].
5. In terminal, eb config put [new save name] .
6. Update your .ebextensions to have LoadBalancerType: application and optionally add listener to elbv2. You can also create in the console manually later.

aws:elbv2:listener:443: ListenerEnabled: true SSLPolicy: ELBSecurityPolicy-TLS-1-2-2017-01 SSLCertificateArns: [your cert id] DefaultProcess: default Protocol: HTTPS Rules: ''

7. Create a new env with eb create [new env name] --cfg [new save name]

Now you will have a new environment with a different load balancer type side-by-side with your old environment. You can perform testing, make further configuration changes and then if all is well, swap CNAMEs and terminate the previous environment.