bedrock-access-gateway icon indicating copy to clipboard operation
bedrock-access-gateway copied to clipboard
verified publisher icon aws-samples

SSL TLS Support

Open michaellatman opened this issue 1 year ago • 1 comments

Hello, I noticed this project deploys only a http url, SSL should probably be the default

michaellatman avatar Apr 18 '24 19:04 michaellatman

Thanks Michael for the issue.

Currently, there is no plan to add support of using SSL by default. However, you can fully customize the solution once it's deployed on AWS based on your need. Simply follow below steps and you will have the SSL enbled.

  1. Go to ALB and find the listerner rule, and change from port 80 (HTTP) to 443 (HTTPS) and associate that with an ACM certificate
  2. Change the security group inbound rule of the ALB to accept HTTPS inbound.
  3. Use Route53 for custom domain for the ALB (optional)
  4. Change your base url to https instead of http.

There is no need to change the code for this. Hope this helps.

daixba avatar Apr 18 '24 23:04 daixba

@daixba It would be great if this was a option in the CFN template. Offering a solution that's not https isn't a production ready solution.

Ideally an option in the CFN template that sets up the ALB and creates a cert with ACM.

sean-smith avatar Feb 04 '25 18:02 sean-smith

I created a guide on how to setup TLS https://github.com/aws-samples/bedrock-access-gateway/pull/101, please merge

sean-smith avatar Feb 06 '25 19:02 sean-smith