Ensure ALB redirects HTTP requests into HTTPS ones

Error: ALB does not redirect HTTP requests into HTTPS ones

Bridgecrew Policy ID: BC_AWS_NETWORKING_49
Checkov Check ID: CKV2_AWS_20
Severity: LOW

ALB does not redirect HTTP requests into HTTPS ones

Description

Ensure that the behaviour of the Load balancer is redirect any traffic from the encrypted endpoint rather than handling on http or failing to respond.

Fix - Buildtime

Terraform

  • Resource: aws_lb, aws_lb_listener
  • Argument: redirect of aws_lb_listener
resource "aws_lb" "lb_good" {
}


resource "aws_lb_listener" "listener_good" {
  load_balancer_arn = aws_lb.lb_good.arn
  port              = "80"
  protocol          = "HTTP"

  default_action {
    type = "redirect"

    redirect {
      port        = "443"
      protocol    = "HTTPS"
      status_code = "HTTP_301"
    }

  }
}