Reputation: 2193
I want to add a certificate in the Listener of an ApplicationLoadBalancer. How can I add it, and how can I associate them with each other? I am using the HTTPS protocol; for that I need to set/configure an SSL certificate.
Listener = t.add_resource(elb.Listener(
    "Listener",
    # Certificates takes a list of elb.Certificate objects
    Certificates=[elb.Certificate(
        CertificateArn="",
    )],
    Port="443",
    Protocol="HTTPS",
    LoadBalancerArn=Ref(ApplicationLoadBalancer),
    SslPolicy="ELBSecurityPolicy-TLS-1-2-Ext-2018-06",
    DefaultActions=[elb.Action(
        Type="forward",
        TargetGroupArn=Ref(TargetGroupApp)
    )]
))
ListenerCertificate = t.add_resource(elb.ListenerCertificate(
    "ListenerCertificate",
    Certificates=[elb.Certificate(
        CertificateArn="",
    )],
    ListenerArn=Ref(Listener)
))
How can I add a certificate in Listener and ListenerCertificate?
Upvotes: 0
Views: 577
Reputation: 434
There are two ways to add an existing certificate to a listener - you've listed both of them, but you should really only need one of them. Also, I'm assuming you need to create the certificate. This shows how, and it shows both ways of attaching that cert. One thing to keep in mind - there's a manual step to approving a certificate creation, even when it's created in CloudFormation, so you'll need to keep an eye on the approval request in your email:
from troposphere import Ref
import troposphere.elasticloadbalancingv2 as elb
from troposphere.certificatemanager import Certificate
# t, ApplicationLoadBalancer and TargetGroupApp come from the question's template

# First create the certificate if it doesn't already exist
cert = t.add_resource(
    Certificate(
        "MyCert",
        DomainName="example.com",
    )
)
# Now you can add it to the load balancer directly/inline
# (Certificates takes a list of elb.Certificate objects)
Listener = t.add_resource(elb.Listener(
    "Listener",
    Certificates=[elb.Certificate(
        CertificateArn=cert.Ref(),
    )],
    Port="443",
    Protocol="HTTPS",
    LoadBalancerArn=Ref(ApplicationLoadBalancer),
    SslPolicy="ELBSecurityPolicy-TLS-1-2-Ext-2018-06",
    DefaultActions=[elb.Action(
        Type="forward",
        TargetGroupArn=Ref(TargetGroupApp)
    )]
))
# Or you can add it to an existing Listener with this resource
ListenerCertificate = t.add_resource(elb.ListenerCertificate(
    "ListenerCertificate",
    Certificates=[elb.Certificate(
        CertificateArn=cert.Ref(),
    )],
    ListenerArn=Ref(Listener)
))
If you already have a certificate, then you don't need the first step to create it - instead just provide the ARN (you can find it in the dashboard) as the argument, rather than cert.Ref().
Hope that helps.
Upvotes: 1
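A pre-deploy check for the listener setup discussed in this thread, as an added example that is not part of the question, the answer, or troposphere itself. It walks the dict form of a template (for a troposphere Template `t`, that is `t.to_dict()`) and flags HTTPS/TLS listeners and ListenerCertificate resources whose `Certificates` is not a list or whose `CertificateArn` is empty, as in the question's `CertificateArn=""`. The function names, the finding strings, the sample template, and the rule that `SslPolicy` must be set explicitly are assumptions of this example.

```python
# Added example: standard library only; operates on a CloudFormation template dict.
LISTENER = "AWS::ElasticLoadBalancingV2::Listener"
LISTENER_CERT = "AWS::ElasticLoadBalancingV2::ListenerCertificate"


def has_arn(cert):
    """True for a non-empty ARN string or an intrinsic such as {"Ref": ...}."""
    arn = cert.get("CertificateArn") if isinstance(cert, dict) else None
    return (isinstance(arn, dict) and bool(arn)) or (
        isinstance(arn, str) and bool(arn.strip()))


def check_listener_certs(template):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    for name, res in sorted(template.get("Resources", {}).items()):
        rtype, props = res.get("Type"), res.get("Properties", {})
        if rtype not in (LISTENER, LISTENER_CERT):
            continue
        if rtype == LISTENER and props.get("Protocol") not in ("HTTPS", "TLS"):
            continue  # plain HTTP/TCP listeners carry no certificate
        certs = props.get("Certificates")
        if not isinstance(certs, list) or not certs:
            findings.append(f"{name}: Certificates must be a non-empty list")
        elif not all(has_arn(c) for c in certs):
            findings.append(f"{name}: empty CertificateArn")
        elif rtype == LISTENER and len(certs) != 1:
            findings.append(f"{name}: a listener takes exactly one default certificate")
        if rtype == LISTENER and not props.get("SslPolicy"):
            findings.append(f"{name}: SslPolicy not set explicitly")
    return findings


def sample_template(arn, policy="ELBSecurityPolicy-TLS-1-2-Ext-2018-06"):
    """Constructed sample using the resource names from this thread."""
    listener = {"Protocol": "HTTPS", "Port": 443,
                "Certificates": [{"CertificateArn": arn}]}
    if policy:
        listener["SslPolicy"] = policy
    return {"Resources": {
        "Listener": {"Type": LISTENER, "Properties": listener},
        "ListenerCertificate": {"Type": LISTENER_CERT, "Properties": {
            "ListenerArn": {"Ref": "Listener"},
            "Certificates": [{"CertificateArn": arn}]}},
    }}


if __name__ == "__main__":
    for finding in check_listener_certs(sample_template("")):  # the question's empty ARN
        print(finding)
```

Running the check in CI before `create-stack` catches an empty or missing certificate reference before the HTTPS listener is deployed.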