Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

ecs-patterns: Simple http -> https redirect

See original GitHub issue

Add a property to ecs-patterns constructs to automatically setup an http->https redirect on the service’s load balancer.

Use Case

User’s with publicly accessible services using https usually want to automatically redirect clients from http to https.

As the result of discussion within https://github.com/aws/aws-cdk/issues/5583, it is apparent that setting this up could be much easier. Since this is a super common pattern and one that we should encourage for publicly accessible services, we should make it as easy as possible in the high level patterns constructs.

Proposed Solution

Add an optional property redirectToHttps or forceHttps that when set to true will create a listener on port 80 that redirects to 443. This option should only be able to be set to true when a certificate is provided. This should be added to all ecs-patterns constructs that create load balancers.

👋 I may be able to implement this feature request
⚠️ This feature might incur a breaking change

This is a 🚀 Feature Request

Issue Analytics

State:
Created 3 years ago
Reactions:4
Comments:13 (5 by maintainers)

Top GitHub Comments

3reactions

khalidxcommented, Aug 2, 2020

Hey! I think this already works… let me know if I’m wrong!

Here’s how I implemented HTTP -> HTTPS redirects on the load balancer (single file implementation, < 60 lines, should be easy to follow): https://github.com/khalidx/origin/blob/master/src/cdk.ts

I’ll inline the implementation here for reference:

    const vpc = new ec2.Vpc(this, 'InfrastructureVpc', { maxAzs: 3 })

    const cluster = new ecs.Cluster(this, 'InfrastructureCluster', { vpc })

    const service = new ecs_patterns.ApplicationLoadBalancedFargateService(this, 'ServerService', {
      cluster,
      desiredCount: 2,
      cpu: 256,
      memoryLimitMiB: 1024,
      taskImageOptions: {
        image: ecs.ContainerImage.fromAsset(join(__dirname, '../'), { exclude: [ 'node_modules', 'dist', 'exec', 'cdk.out' ] })
      },
      publicLoadBalancer: true,
      domainName: configuration.subdomian,
      domainZone: route53.HostedZone.fromHostedZoneAttributes(this, 'InfrastructureZone', configuration.hostedZone),
      certificate: acm.Certificate.fromCertificateArn(this, 'InfrastructureCertificate', configuration.certificate)
    })

    service
    .loadBalancer
    .addListener('HttpListener', { protocol: elbv2.ApplicationProtocol.HTTP, port: 80 })
    .addRedirectResponse('HttpRedirect', { statusCode: 'HTTP_301', protocol: elbv2.ApplicationProtocol.HTTPS, port: '443' })

By the way, check out https://github.com/khalidx/origin for a boilerplate starter project that deploys a node express API as an HTTPS exposed service using CDK. It also generates a node module, native binaries, and Docker image for your API, so that it can run anywhere!

1reaction

alejandrodaucommented, Jan 25, 2022

It seems this is now possible using the addRedirect method

https://docs.aws.amazon.com/cdk/api/v1/docs/aws-elasticloadbalancingv2-readme.html#:~:text=If you do not provide any options for this method%2C it redirects HTTP port 80 to HTTPS port 443.

Top Results From Across the Web

Configuring HTTP to HTTPS redirection - AWS Elastic Beanstalk

To configure redirection, you first configure your environment to handle HTTPS traffic. Then you redirect HTTP traffic to HTTPS.

How to Configure HTTP to HTTPS Redirect - YouTube

HTTP to HTTPS redirect is one of the most frequent use of load balancing policy however HTTP to HTTPS redirect configuration can be...

python flask redirect to https from http - ssl - Stack Overflow

I use a simple extra app that runs on port 80 and redirect people to https: from flask import Flask,redirect app = Flask(__name__)...

Redirect HTTP to HTTPS with Windows IIS 10 - SSL.com

Give your redirect an easy-to-remember name. In the Matched URL section: Set Requested URL: to. Matches the Pattern.

Redirect HTTP to HTTPS - Avi Networks

The methods are presented in order from simplest (with fewest options) to most advanced. Configuration. Using Application Profile. Option 1. If the virtual ......