Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

AWS service for HTTP -> HTTPS redirect?

0

The idea would be to not have to run and maintain a small instance with nginx to do the redirect.

so if there was an amazon service that i could call, put security group on it, link to alb, and deploy with new terraform/cfn,.... and not have to maintain a server (or an asg of 1 with health)?

this is the nginx equivalent:


server {
       listen         80;
       server_name    my.domain.com;
       return         301 https://$server_name$request_uri;
}

server {
       listen         443 ssl;
       server_name    my.domain.com;
       # add Strict-Transport-Security to prevent man in the middle attacks
       add_header Strict-Transport-Security "max-age=31536000" always; 

       [....]
}
Themen
KalkulationVernetzung & Bereitstellung von Inhalten
Tags
Bereitstellung von WebsitesElastic Load BalancingSicherheitsgruppe
Sprache
English
nando
gefragt vor 3 Monaten229 Aufrufe
3 Antworten
1

Hello.

It is possible to redirect to HTTPS with ALB.
To create an HTTPS listener with ALB, you will also need to issue a certificate with ACM, but you will no longer need to configure HTTPS with Nginx.
https://repost.aws/knowledge-center/elb-redirect-http-to-https-using-alb

An example setting for CloudFormation is as follows.

  ALB: 
    Type: "AWS::ElasticLoadBalancingV2::LoadBalancer"
    Properties: 
      Name: !Sub ${ServerName}-alb
      Scheme: "internet-facing"
      LoadBalancerAttributes: 
        - Key: "deletion_protection.enabled"
          Value: false
        - Key: "idle_timeout.timeout_seconds"
          Value: 4000
      SecurityGroups:
        - !Ref SGloadbalancer
      Subnets: 
        - !Ref Subnet1
        - !Ref Subnet2
  ALBListenerHTTP: 
    Type: "AWS::ElasticLoadBalancingV2::Listener"
    Properties: 
      Port: 80
      Protocol: HTTP
      DefaultActions: 
        - Type: redirect
          RedirectConfig: 
            Host: '#{host}'
            Path: '/#{path}'
            Port: 443
            Protocol: HTTPS
            Query: '#{query}'
            StatusCode: HTTP_301
      LoadBalancerArn: !Ref ALB
  ALBListenerHTTPS:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      Port: 443
      Protocol: HTTPS
      Certificates:
        - CertificateArn: !Ref ACM
      DefaultActions:
        - TargetGroupArn: !Ref TargetGroup
          Type: forward
      LoadBalancerArn: !Ref ALB
profile picture
EXPERTE
Riku_Kobayashi
beantwortet vor 3 Monaten
profile pictureAWS
EXPERTE
Didier_Durand
überprüft vor 3 Monaten
0

The ALB can redirect from HTTP to HTTPS, but you're looking for something else?

https://aws.amazon.com/about-aws/whats-new/2018/07/elastic-load-balancing-announces-support-for-redirects-and-fixed-responses-for-application-load-balancer/

profile picture
EXPERTE
shibata
beantwortet vor 3 Monaten
0

CloudFront natively supports redirects from HTTP to HTTPS. For more complex interactions, you could also use Lambda@Edge: https://aws.amazon.com/blogs/networking-and-content-delivery/handling-redirectsedge-part1/

profile pictureAWS
EXPERTE
Brettski-AWS
beantwortet vor 3 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt