我正在使用此CloudFormation模板https://github.com/widdix/aws-cf-templates/blob/master/jenkins/jenkins2-ha-agents.yaml来设置jenkins服务器。
我现在想将SSL添加到ELB,并将https://github.com/widdix/aws-cf-templates/blob/master/jenkins/jenkins2-ha-agents.yaml#L511-L519修改为以下内容:
MasterELBListener:
Type: AWS::ElasticLoadBalancingV2::Listener
Properties:
DefaultActions:
- Type: "redirect"
RedirectConfig:
Protocol: "HTTPS"
Port: "443"
Host: "#{host}"
Path: "/#{path}"
Query: "#{query}"
StatusCode: "HTTP_301"
LoadBalancerArn: !Ref MasterELB
Port: 80
Protocol: HTTP
MasterHTTPSListener:
Type: AWS::ElasticLoadBalancingV2::Listener
Properties:
Certificates:
# - CertificateArn: !Ref CertificateARN
- CertificateArn: !FindInMap
- SSLmapping
- ssl1
- !FindInMap
- AWSRegionsNameMapping
- !Ref 'AWS::Region'
- RegionName
DefaultActions:
- Type: forward
TargetGroupArn: !Ref MasterELBTargetGroup
LoadBalancerArn: !Ref MasterELB
Port: 443
Protocol: HTTPS
但是当我尝试访问该网站时,它只是几次。
任何建议都值得赞赏
答案 0 :(得分:0)
好吧,我需要使用以下命令打开ELB的访问权限:
MasterELBHTTPSSGInWorld:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: HasNotAuthProxySecurityGroup
Properties:
GroupId: !Ref MasterELBSG
IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: '0.0.0.0/0'