Configure AWS Elastic Beanstalk for HTTPS API endpoint
I’m taking a short break from working on Volant AI to write a quick, no-frills, easy-as guide to take your API and turn it into a HTTPS secure, accessible endpoint with AWS Elastic Beanstalk. Any web app that is using HTTPS will not allow any outgoing HTTP endpoint calls due to security reasons, so for production, you need HTTPS. Let’s dive in.
Goal: Configure HTTPS endpoint via elastic beanstalk for some API. It should be a subdomain route.
High-Level Approach
- Buy some domain name for registrar: AWS Route 53
- Make certificate for domain name in Certificate Manager (use a catch-all certificate)
- Go to Elastic Beanstalk and create new environment, with steps and such
- Upload your zip file (for python) into Elastic Beanstalk.
- Make alias record in Route 53
- Modify your load balancer to use https and be https accessible in Elastic Beanstalk.
1. Buy some domain name for registrar: AWS Route 53
[AWS Console]>[Route 53]>(Domains) Registered Domains
Click Register Domain and follow the steps.
2. Make certificate for domain name in Route 53 (use a catch-all certificate)
[AWS Console]>[Certificate Manager]>(Certificates) Certificate Manager
You should click Register Certificate and follow the necessary steps. You’ll provide a domain name, do DNS/Email validation and then be pretty much good to go.
3. Go to Elastic Beanstalk and create new application
[AWS Console]>[Elastic Beanstalk]>Environments
Click Create a new environment. When you’re prompted to “Select environment tier”, you should pick “Web server environment”. Proceed to the next step.
4. Upload your zip file (for python) + metadata into Elastic Beanstalk.
[AWS Console]>[Elastic Beanstalk]>Create environment
We’re following from the previous step. Here are some helpful screenshots:
Note! Images correspond to sequential steps in a left-to-right order.
Now, in the last step, you’ll need to upload a zip file (or jar file for java) and you can find the correct way to do so if you look here.
Once you are done, Create Environment.
5. Make alias record in Route 53
[AWS Console]>[Route 53]>Hosted Zones
Click on your domain name and proceed to the following window.
Click Create record.
You can actually find your AWS Elastic Beanstalk environment directly. Once you click Create Record, proceed to the next step.
6. Modify your load balancer to use https and be https accessible in Elastic Beanstalk.
[AWS Console]>[Elastic Beanstalk]>(<Your-Environment-Name>)
Go to (<Your-Environment-Name>)[Configuration]>(Load Balancer) Edit
Click +Add Listener.
Set your port to 443. Pick the correct SSL certificate and then Click Add.
THAT’S IT!
Your service endpoint should be accessible as https:<your-subdomain-name>. You can monitor your health, change capacity sizes, set environment properties and control instances. If you have any issues, check out the logs (you can get the last 100 lines); they’re usually pretty clear.
The ground source of truth should be the AWS docs, but hopefully this guide lays out the guide for setting up a HTTPS endpoint in an easy-to-understand manner. Doubts, questions, concerns? Give me a shout in the comments!