Adding a Listener for Port 5443 to the ALB

Similarly to listener for port 3000, here we will create a path for requests on port 5443 to be routed to Kubernetes nginx-ingress-controller-svc service through respective target group created above.

  1. Using the Find Services search tool, locate and browse to the EC2 Dashboard.
  2. In the left navigation panel, under Load Balancing, click Load Balancers.
  3. From the list of load balancers, select your previously created Application Load Balancer (ALB).

  1. On the Listeners tab, click Add Listener and set values for the following:
    1. Protocol: port: Change to HTTPS and 5443
    2. Default action(s): Choose the action Forward to..., and then choose your target group for port 5443
    3. Default SSL certificate: Choose the SSL certificate you have created previously.

  2. Click Save.
  1. Run the following command:
    # aws elbv2 create-listener \
    --load-balancer-arn <ALB ARN> \
    --protocol HTTPS \
    --port 5443 \
    --certificates CertificateArn=<Certificate ARN> \
    --default-actionsType=forward,TargetGroupArn=<Target group 5443 ARN>

Parameters:

<ALB ARN>: Use the value of ALB ARN recorded in the AWS worksheet.

<Certificate ARN>: Use the value of certificate ARN recorded in the AWS worksheet.

<Target group 5443 ARN>: Use the value for target group for port 5443 ARN recorded in the AWS worksheet.

Example input and output:

# aws elbv2 create-listener \
--load-balancer-arn arn:aws:elasticloadbalancing:eu-central-1:115370848038:loadbalancer/app/srgdemo-alb/8718b24107ef591b \
--protocol HTTPS --port 5443 \
--certificates CertificateArn=arn:aws:acm:eu-central-1:115370848038:certificate/691ec232-98ff-45ed-8e69-1d15c0447538 \
--default-actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:eu-central-1:115370848038:targetgroup/srgdemo-5443-tg/a096cb67c2f9144d
Listener for port 5443 description
{
   "Listeners":[
      {
         "ListenerArn":"arn:aws:elasticloadbalancing:eu-central-1:115370848038:listener/app/srgdemo-alb/8718b24107ef591b/98e4aa47242b3d49",
         "LoadBalancerArn":"arn:aws:elasticloadbalancing:eu-central-1:115370848038:loadbalancer/app/srgdemo-alb/8718b24107ef591b",
         "Port":5443,
         "Protocol":"HTTPS",
         "Certificates":[
            {
               "CertificateArn":"arn:aws:acm:eu-central-1:115370848038:certificate/691ec232-98ff-45ed-8e69-1d15c0447538"
            }
         ],
         "SslPolicy":"ELBSecurityPolicy-2016-08",
         "DefaultActions":[
            {
               "Type":"forward",
               "TargetGroupArn":"arn:aws:elasticloadbalancing:eu-central-1:115370848038:targetgroup/srgdemo-5443-tg/a096cb67c2f9144d",
               "ForwardConfig":{
                  "TargetGroups":[
                     {
                        "TargetGroupArn":"arn:aws:elasticloadbalancing:eu-central-1:115370848038:targetgroup/srgdemo-5443-tg/a096cb67c2f9144d",
                        "Weight":1
                     }
                  ],
                  "TargetGroupStickinessConfig":{
                     "Enabled":false
                  }
               }
            }
         ]
      }
   ]
}

Next Step: Creating a Target Group for Port 443