You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We'll use the [`alb.ingress.kubernetes.io/actions.${action-name}`](../ingress/annotations.md#actions) annotation to setup an ingress to redirect http traffic into https
3
+
You can use the [`alb.ingress.kubernetes.io/ssl-redirect`](../ingress/annotations.md#ssl-redirect) annotation to setup an ingress to redirect http traffic to https
- `alb.ingress.kubernetes.io/listen-ports` annotation must at least include [{"HTTP": 80}, {"HTTPS":443}] to listen on 80 and 443.
38
36
- `alb.ingress.kubernetes.io/certificate-arn`annotation must be set to allow listen for HTTPS traffic
39
-
- the `ssl-redirect` action must be be first rule(which will be evaluated first by ALB)
37
+
- the ssl-redirect port must appear in the listen-port annotation, and must be an HTTPS port
40
38
41
39
## How it works
42
-
By default, all rules specified in ingress spec will be applied to all listeners(one listener per port) on ALB.
43
-
44
-
If there is an redirection rule, the AWS Load Balancer controller will check it against every listener(port) to see whether it will introduce infinite redirection loop, and **will ignore that rule for specific listener.**
40
+
If you enable SSL redirection, the controller configures each HTTP listener with a default action to redirect to HTTPS. The controller does not add any other rules to the HTTP listener.
45
41
46
-
So for our above example, the rule by `ssl-redirect` will only been applied to http(80) listener.
42
+
For the above example, the HTTP listener on port 80 will have a single default rule to redirect traffic to HTTPS on port 443.
0 commit comments