
How to configure Node.js on an AWS EC2 instance to accept HTTPS requests from the client side


I would like to ask how to configure Node.js (back end/server) to accept HTTPS requests from the client side (front end).

What we did.

  • Registered a domain name in AWS.
  • Requested SSL in ACM.
  • Created a bucket in S3 and stored our front-end code (Angular 5) inside it.
  • Created a distribution in CloudFront, put our custom SSL there, and connected it to the bucket in S3.
  • We also set up an EC2 instance and stored our back-end code (Node.js) there.
  • In our front-end code we connect to the IP of our EC2 instance so that we can reach the back end.

The problem:

  • The front end can't access the back end on the EC2 instance because the front end is HTTPS and the back end is HTTP (we don't know how to change it from HTTP to HTTPS on the AWS EC2 instance).
  • Do you know how to set up a web app in AWS in which the front-end and back-end code are separated?
  • What did we miss?

Solution

  • What did we miss?

    If I understand you correctly, you have a CloudFront distribution serving Angular which is then attempting to connect to an EC2 instance - I presume the IP address or public DNS entry for the EC2 is hard-coded into the Angular code.

    This is not a good arrangement - if your EC2 goes down or the IP address changes you will need to push a new site to S3 - and then this change will take time to propagate through CloudFront.

    What you should rather be doing is this.

    1. Create an application load balancer.
    2. Create a target group and add your EC2 to that target group.
    3. Add a listener on the ALB, listening on the port your web app connects on, with a rule that forwards to the HTTP port of the back-end EC2.
    4. Add a Route 53 DNS Alias record for the ALB (because ALBs do sometimes go away or change their IP address).
    5. Change your front-end code to point at the Route 53 Alias record.

    (This is an incredibly simplistic way of doing things that leaves your EC2 open to the internet etc etc).

    You should also give serious thought to putting your EC2 into an autoscaling group that spans at least two availability zones, and to setting its minimum size to ensure at least servers are running at any one time.

    AWS EC2 instances can go away at any time, and when they do your app goes down with them.
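
With the load balancer terminating HTTPS and forwarding to the instance's HTTP port, the Node.js process keeps speaking plain HTTP and learns the client's scheme from the `X-Forwarded-Proto` header the ALB adds. The sketch below is an added example, not part of the answer above: it refuses requests that did not reach the ALB over HTTPS and allows cross-origin calls only from the front-end site. The origin `https://www.example.com`, the `/health` path and the `PORT` variable are assumptions.

```javascript
// Assumed values, not from the original post: replace with your own.
const FRONTEND_ORIGIN = 'https://www.example.com'; // site served by CloudFront
const HEALTH_PATH = '/health';                     // target group health check path

// Decide the response for one request forwarded by the ALB.
// headers: lower-cased request headers, as Node's http module provides them.
function decide(method, path, headers) {
  // Answer health checks first so they do not depend on the scheme check.
  if (path === HEALTH_PATH) return { status: 200, headers: {}, body: 'ok' };

  // The ALB sets X-Forwarded-Proto to the scheme the client used to reach it.
  // This is only trustworthy if the instance's security group admits traffic
  // from the ALB alone; a client that reaches the instance directly can set it.
  if (headers['x-forwarded-proto'] !== 'https') {
    return { status: 403, headers: {}, body: 'HTTPS required' };
  }

  const out = { 'Strict-Transport-Security': 'max-age=31536000', Vary: 'Origin' };
  const fromFrontend = headers.origin === FRONTEND_ORIGIN;
  // Allow cross-origin reads only for the front end, never "*".
  if (fromFrontend) out['Access-Control-Allow-Origin'] = FRONTEND_ORIGIN;

  if (method === 'OPTIONS') { // CORS preflight sent by the browser
    if (!fromFrontend) return { status: 403, headers: out, body: '' };
    out['Access-Control-Allow-Methods'] = 'GET, POST';
    out['Access-Control-Allow-Headers'] = 'Content-Type, Authorization';
    return { status: 204, headers: out, body: '' };
  }

  out['Content-Type'] = 'application/json';
  return { status: 200, headers: out, body: JSON.stringify({ ok: true }) };
}

// Adapter from Node's request/response objects to decide().
function handler(req, res) {
  const path = req.url.split('?')[0];
  const r = decide(req.method, path, req.headers);
  res.writeHead(r.status, r.headers);
  res.end(r.body);
}

// Listen on plain HTTP only when PORT is set (the port the target group forwards to).
if (process.env.PORT) {
  require('http').createServer(handler).listen(Number(process.env.PORT));
}
```

The scheme check complements, and does not replace, a security group on the instance that accepts traffic only from the load balancer.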