1. Answers
  2. Create HTTPS ALB Listener with HTTP Redirect

How do I create an HTTPS ALB listener with HTTP redirect?

In this guide, we will create an Application Load Balancer (ALB) in AWS with an HTTPS listener and configure it to redirect HTTP traffic to HTTPS using Pulumi. This setup ensures that all HTTP requests are redirected to HTTPS, providing a secure connection for your users.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Create a VPC
const vpc = new aws.ec2.Vpc("myVpc", {
    cidrBlock: "10.0.0.0/16",
});

// Create a subnet
const subnet = new aws.ec2.Subnet("mySubnet", {
    vpcId: vpc.id,
    cidrBlock: "10.0.1.0/24",
    availabilityZone: "us-west-2a",
});

// Create a security group
const securityGroup = new aws.ec2.SecurityGroup("mySecurityGroup", {
    vpcId: vpc.id,
    ingress: [
        { protocol: "tcp", fromPort: 80, toPort: 80, cidrBlocks: ["0.0.0.0/0"] },
        { protocol: "tcp", fromPort: 443, toPort: 443, cidrBlocks: ["0.0.0.0/0"] },
    ],
    egress: [
        { protocol: "tcp", fromPort: 0, toPort: 0, cidrBlocks: ["0.0.0.0/0"] },
    ],
});

// Create an ALB
const alb = new aws.lb.LoadBalancer("myAlb", {
    internal: false,
    securityGroups: [securityGroup.id],
    subnets: [subnet.id],
});

// Create a target group
const targetGroup = new aws.lb.TargetGroup("myTargetGroup", {
    port: 80,
    protocol: "HTTP",
    vpcId: vpc.id,
    targetType: "instance",
});

// Create an HTTPS listener
const httpsListener = new aws.lb.Listener("httpsListener", {
    loadBalancerArn: alb.arn,
    port: 443,
    protocol: "HTTPS",
    sslPolicy: "ELBSecurityPolicy-2016-08",
    certificateArn: "arn:aws:acm:us-west-2:123456789012:certificate/abcd1234-5678-90ab-cdef-1234567890ab", // Replace with your certificate ARN
    defaultActions: [{
        type: "forward",
        targetGroupArn: targetGroup.arn,
    }],
});

// Create an HTTP listener that redirects to HTTPS
const httpListener = new aws.lb.Listener("httpListener", {
    loadBalancerArn: alb.arn,
    port: 80,
    protocol: "HTTP",
    defaultActions: [{
        type: "redirect",
        redirect: {
            protocol: "HTTPS",
            port: "443",
            statusCode: "HTTP_301",
        },
    }],
});

// Export the ALB DNS name
export const albDnsName = alb.dnsName;

Key Points

  • We created a VPC, subnet, and security group to host the ALB.
  • An ALB was created with both HTTP and HTTPS listeners.
  • The HTTPS listener forwards traffic to a target group.
  • The HTTP listener redirects traffic to HTTPS, ensuring secure connections.

Summary

This setup configures an AWS Application Load Balancer with an HTTPS listener and redirects all HTTP traffic to HTTPS using Pulumi. This ensures that all user connections to your application are secure.

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up