I want to set an ALB's port 443 to an EC2 instance's port 80 with a security group rule in Terraform.
resource "aws_security_group_rule" "allow_https" {
  security_group_id        = aws_security_group.ec2.id
  type                     = "ingress"
  protocol                 = "tcp"
  from_port                = 443
  to_port                  = 80
  source_security_group_id = data.aws_ssm_parameter.alb.value
}
I got an error when applying:
Error: Error authorizing security group rule type ingress: InvalidParameterValue: Invalid TCP/UDP port range(443:80)
Isn't it possible to route 443 to 80?
CodePudding user response:
The security group of your ALB only takes care of what is allowed to the load-balancer. It does not do the routing to EC2 by itself.
You need to add a target group for your EC2 instance and create a 443 listener (https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener). Then add a listener rule to route traffic from that listener to your EC2 instance's target group (or set that as the default target in your listener).
Also, you'd need to add that EC2 instance into the target group.
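The setup the answer describes, as an added example that is not part of the original post: the security group rule only opens port 80 on the instance to the ALB's security group (`from_port`/`to_port` are a port range, not a mapping), while the 443-to-80 hop is done by an HTTPS listener forwarding to a target group. The four variables, the resource labels and the target group name are assumptions; `aws_security_group.ec2` and `data.aws_ssm_parameter.alb` are the ones from the question.

```hcl
# Assumed inputs (hypothetical variable names, not from the original post).
variable "vpc_id" { type = string }
variable "alb_arn" { type = string }
variable "certificate_arn" { type = string }
variable "instance_id" { type = string }

# from_port/to_port describe a range of destination ports on the instance,
# so both are 80. Only the ALB's security group is allowed as a source,
# which keeps the plain-HTTP port unreachable from anywhere else.
resource "aws_security_group_rule" "allow_http_from_alb" {
  security_group_id        = aws_security_group.ec2.id
  type                     = "ingress"
  protocol                 = "tcp"
  from_port                = 80
  to_port                  = 80
  source_security_group_id = data.aws_ssm_parameter.alb.value
}

# Target group: where the ALB sends traffic (instance port 80, HTTP).
resource "aws_lb_target_group" "ec2_http" {
  name     = "ec2-http" # constructed name
  port     = 80
  protocol = "HTTP"
  vpc_id   = var.vpc_id
}

# Register the EC2 instance in the target group.
resource "aws_lb_target_group_attachment" "ec2" {
  target_group_arn = aws_lb_target_group.ec2_http.arn
  target_id        = var.instance_id
  port             = 80
}

# HTTPS listener on 443: TLS terminates at the ALB, and the default
# action forwards requests to the target group above.
resource "aws_lb_listener" "https" {
  load_balancer_arn = var.alb_arn
  port              = 443
  protocol          = "HTTPS"
  ssl_policy        = "ELBSecurityPolicy-TLS13-1-2-2021-06"
  certificate_arn   = var.certificate_arn

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.ec2_http.arn
  }
}
```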