-
-
Notifications
You must be signed in to change notification settings - Fork 326
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Redirect http to https #98
Comments
Looks like it can't be done currently with the EB provided load balancer settings, because defining the listener rule requires that you point to the "process", which is the target group. But that will point back to our app (see https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html#command-options-general-elbv2-listenerrule). Currently, I just do this... app.use((req, res, next) => {
if (req.headers["x-forwarded-proto"] === "https") return next();
return res.redirect(301, `https://${path.join(req.hostname, req.url)}`);
}); |
@atifsyedali I'm looking to do the same... I'd be happy to do the update, but I'm unsure how we can configure this easily. I've found this, which I think is the path forward, but providing that to the Beanstalk configuration settings through Terraform is throwing me off. @aknysh Do you have a suggestion on that front? |
Pardon my ignorance, I haven't actually tried this. I would think that you can achieve this using the data resource, grab the LB https://www.terraform.io/docs/providers/aws/r/lb_listener.html#redirect-action |
@svenlito That doesn't work for me
gives
|
I meant to say |
@svenlito Is that manually specified arn? (seems strange to do in terraform, although I'm inexperienced). Would you be willing to provide an example? |
I believe something like this could work. data "aws_lb" "selected" {
name = aws_elastic_beanstalk_environment.default.load_balancers[0].name
}
resource "aws_lb_listener" "http" {
load_balancer_arn = data.aws_lb.selected.arn
port = "80"
protocol = "HTTP"
default_action {
type = "redirect"
redirect {
port = "443"
protocol = "HTTPS"
status_code = "HTTP_301"
}
}
} |
@svenlito Sadly not :/
Looks like I'm using Terraform v0.12.24, tried with v0.12.20 also, same result. edit: If i even hardcode the name of the load balancer (taken from AWS Web UI) it doesn't even work, very frustrating:
edit2: I've decided to handle this inside the application instead. |
You can do this by turning off the HTTP listener in the beanstalk settings, and then making a new Be sure to turn off the HTTP listener in the module:
Then make a new resource like so:
|
I was not able to get @boomshadow's solution to work out of the box since the elastic load balancer's security group did not expose port 80 due to My work around was to add a security group rule to the alb's security group in addition to the lb_listener.
|
You don't need to disable deafult_listener for the elastic beanstalk environment, neither do you need to create a new listener.
This did the job for me. |
@yashshanker When I use that I get the following:
Exact terraform:
(My environment name is |
this doesn't make sense, when I output data.aws_lb_listener.http_listener.arn, I am getting the load balancer arn and not the listener arn |
I have the same result as richardARPANET |
@richardARPANET @shanidoc @mndomingues You need to use the v2 application load balancer example (official aws provider) setup:
|
This is what worked for me
|
hope I am right here. #access_logs { bucket = "wshimport"enabled = true#} tags = { resource "aws_lb_listener" "external_lb_http" { default_action { resource "aws_lb_listener_rule" "redirect_http_to_https" {
} resource "aws_lb_listener" "external_lb_https" { default_action { Any idea? |
* Add flag to redirect HTTP to HTTPS * Rename variables and add support for shared load balancers * Modify existing examples * Update variables description * Fix redirect host default value * Replace custom status code with a flag * Fix format * Fix bad reference to aws_elastic_beanstalk_environment * Refactor datasources * Change status_code variable type * Fix load_balancer_arn reference * Fix load_balancer_arn * Add loadbalancer_redirect_http_to_https to complete example * Add missing period at the end of the validation error message * Update README.md and docs/terraform.md * Bump required_version * Update docs/terraform.md * Update README file * Change AWS provider constraint * Change AWS version constraint inside the README.md file
If I set
http_listener_enabled="true"
andloadbalancer_certificate_arn=someArn
andloadbalancer_ssl_policy=whatever
, then I can get the load balancer to add a HTTPS listener and a HTTP listener.But how can I make the HTTP listener create a forwarding rule to HTTPS?
The text was updated successfully, but these errors were encountered: