Creating an ELB (Elastic Load Balancer)
Make sure to download a version of "aws" dated 2013-10-01 or later, as it adds support for specifying an SSL certificate.
Here is an example of how to create an HTTP endpoint:
$ aws clb MyLoadBalancer --availability-zone us-east-1d --protocol HTTP --loadbalancerport 80 --instanceport 80
If you change to HTTPS / 443, it complains "Secure Listeners need to specify a SSLCertificateId", so you need to upload a server certificate first. Server certificates are handled by IAM. I don't see anything in the AWS Console IAM section to deal with them.
To upload a server certificate:
$ aws servercertupload -s MyCertificate -b cert/server.crt -k cert/server.key
To list server certificates:
$ aws servercertlistbypath
You can find the ARN in the list. The one I just created:
arn:aws:iam::262088988105:server-certificate/MyCertificate
(It's a self-signed certificate. Feel free to use it. You'll get encryption but no server authentication. Thus, the browser will ask you if you are sure.)
Then to create the load balancer:
$ aws clb MyLoadBalancer --availability-zone us-east-1d --protocol HTTPS --loadbalancerport 443 --instanceport 80 --sslcertificateid arn:aws:iam::262088988105:server-certificate/MyCertificate
Also, if you want to add more listeners (more ports) at creation time, "aws" currently does not support that. Let me know if you need it.
More on certificates: http://docs.aws.amazon.com/IAM/latest/UserGuide/actionsIAMServerCerts.html
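Before the servercertupload step, it helps to confirm that cert/server.key belongs to cert/server.crt, can be read without a passphrase, and that the certificate has not expired. The script below is an added example, not part of "aws" or the original page; it assumes the openssl command-line tool is installed, and the function names (check_pair, make_demo_pair and the two hash helpers) are hypothetical.

```bash
#!/usr/bin/env bash
# Added example (not part of "aws"): check cert/key before `aws servercertupload`.
# Function names are hypothetical; requires the openssl command-line tool.

# SHA-256 of the public key embedded in certificate $1.
cert_pubkey_hash() {
    local pub
    pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    printf '%s\n' "$pub" | openssl dgst -sha256 | awk '{print $NF}'
}

# SHA-256 of the public key derived from private key $1.
# "-passin pass:" supplies an empty passphrase, so an encrypted key fails
# here instead of prompting.
key_pubkey_hash() {
    local pub
    pub=$(openssl pkey -in "$1" -pubout -passin pass: 2>/dev/null) || return 1
    printf '%s\n' "$pub" | openssl dgst -sha256 | awk '{print $NF}'
}

# check_pair CERT KEY: status 0 and prints "self-signed" or "ca-signed" when
# the pair is consistent and unexpired; status 1 with a reason on stderr otherwise.
check_pair() {
    local crt=$1 key=$2 ch kh subj iss
    ch=$(cert_pubkey_hash "$crt") || { echo "cannot read certificate" >&2; return 1; }
    kh=$(key_pubkey_hash "$key") || { echo "cannot read key (encrypted or malformed)" >&2; return 1; }
    [ "$ch" = "$kh" ] || { echo "key does not match certificate" >&2; return 1; }
    openssl x509 -in "$crt" -noout -checkend 0 >/dev/null ||
        { echo "certificate has expired" >&2; return 1; }
    subj=$(openssl x509 -in "$crt" -noout -subject | sed 's/^subject= *//')
    iss=$(openssl x509 -in "$crt" -noout -issuer | sed 's/^issuer= *//')
    # Subject == issuer means self-signed: encryption without server authentication.
    if [ "$subj" = "$iss" ]; then echo self-signed; else echo ca-signed; fi
}

# Constructed demo input: a throwaway self-signed pair written into directory $1.
make_demo_pair() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=demo.invalid" \
        -keyout "$1/server.key" -out "$1/server.crt" >/dev/null 2>&1
}

# Usage with the page's paths:
#   check_pair cert/server.crt cert/server.key &&
#     aws servercertupload -s MyCertificate -b cert/server.crt -k cert/server.key
```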