Reputation: 9855
AWS ALB Listen for HTTPS and send to ECS as HTTP
I have an ECS Cluster with a task listening on for HTTP traffic on port 9090. I want to create an ALB to do the SSL termination and send the request onto the ECS task on port 9090. I got it to work with the ALB listening on port 80 - but not 443. It's still sending encrypted traffic to ECS. I see errors in the application logs showing the request being a jumbled mess (encrypted). There's a lot of different ports/target groups/etc and I think I'm just congused as to which to configure correctly:
ALB->Listener[port 443]->Target Group[port 9090]->ECS
Is creating a new ECS Service/Task the only way to make them a target group? You cannot pick it as an option when creating TGs through that UI.
Upvotes: 1
Views: 231
Answers (1)
Reputation: 9855
The above comments were correct. When creating the ECS Service I needed to choose the existing ALB, Create new Listener for HTTPS and then Create new Target Group for HTTP. I also needed to add my healthcheck path /actuator/health for the TG to register as healthy.
Upvotes: 1
Related Questions
- AWS ECS ALB Error (Request timed out)
- AWS ALB HTTPS Target Groups
- Can't connect to ECS service through ALB
- Laravel application hosted on AWS ECS returns 503 error for HTTPS
- What's the target group port for, when using Application Load Balancer + EC2 Container Service
- AWS ECS: Unhealthy containers
- ECS and ALB connection problem. Right connection flow?
- AWS ALB Forward to Lambda with TLS