
AWS - Get rid of Elastic Load Balancing


I've an app running on AWS. Currently, my frontend is hosted on S3/CloudFront which communicates with my EC2 instance through an Elastic Load Balancing (ELB). ELB handles the SSL certificate.

I just have one EC2 instance. So, I don't really need the ELB. My free tier period is over... ELB represents 40% of my bill!

How can I get rid of ELB without losing the SSL configuration?

Thanks in advance!


Solution

  • The best approach to keep an AWS ACM SSL whilst removing your load balancer would be to instead use CloudFront for your EC2 host.

    If this is a different domain to your existing CloudFront distribution, you would need to create a new one which will serve your app traffic. This would have a custom origin that would resolve to the public CNAME of the EC2 host (this will require the EC2 host to be publicly resolvable).

    If it shares the same domain, your CloudFront distribution would need to be updated to include a secondary behaviour that maps to your EC2 host's public hostname.

    Please note for this option your instance must be public; this means that it is possible to bypass CloudFront to perform this option. If you do not have a valid SSL on this EC2 host you will need to configure the CloudFront distribution to speak to the origin using HTTP.

    An alternative (or combined option) would be to use a service such as certbot that can generate a valid SSL for your domain. This will ensure any public ingress to the instance can be encrypted securely over HTTPS.
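
Added example, not part of the original answer: a small audit over a CloudFront `DistributionConfig` (the JSON shape returned by `aws cloudfront get-distribution-config`) that flags the two gaps the answer mentions, a plaintext HTTP leg to the EC2 origin and an origin that cannot tell CloudFront traffic from direct traffic. The sample config, origin IDs and the `X-Origin-Verify` header name are constructed for illustration; `https-only` assumes the instance has a valid certificate, for example from certbot.

```python
import copy

def audit_distribution(cfg):
    """Return sorted (subject, finding) pairs for a DistributionConfig dict."""
    findings = set()
    behaviors = [dict(cfg["DefaultCacheBehavior"], PathPattern="(default)")]
    behaviors += cfg.get("CacheBehaviors", {}).get("Items", [])
    for origin in cfg.get("Origins", {}).get("Items", []):
        custom = origin.get("CustomOriginConfig")
        if custom is None:
            continue  # S3 origin, not the EC2 host
        oid = origin["Id"]
        routed = [b for b in behaviors if b["TargetOriginId"] == oid]
        open_http = [b for b in routed if b["ViewerProtocolPolicy"] == "allow-all"]
        policy = custom.get("OriginProtocolPolicy")
        if policy == "http-only":
            findings.add((oid, "CloudFront-to-origin leg is plaintext HTTP"))
        elif policy == "match-viewer" and open_http:
            findings.add((oid, "origin leg falls back to HTTP for HTTP viewers"))
        # Assumption: a secret custom header, checked on the instance, is how
        # the origin tells CloudFront requests from direct ones.
        if origin.get("CustomHeaders", {}).get("Quantity", 0) == 0:
            findings.add((oid, "no custom origin header to tell direct requests apart"))
        for b in open_http:
            findings.add((b["PathPattern"], "viewers may connect over HTTP"))
    return sorted(findings)

# Constructed sample: S3 frontend plus an EC2 API origin behind /api/*.
SAMPLE = {
    "Origins": {"Quantity": 2, "Items": [
        {"Id": "frontend-s3", "S3OriginConfig": {"OriginAccessIdentity": ""}},
        {"Id": "api-ec2", "CustomHeaders": {"Quantity": 0},
         "CustomOriginConfig": {"OriginProtocolPolicy": "http-only"}},
    ]},
    "DefaultCacheBehavior": {"TargetOriginId": "frontend-s3",
                             "ViewerProtocolPolicy": "redirect-to-https"},
    "CacheBehaviors": {"Quantity": 1, "Items": [
        {"PathPattern": "/api/*", "TargetOriginId": "api-ec2",
         "ViewerProtocolPolicy": "allow-all"}]},
}

def hardened(cfg):
    """Copy of cfg with the API origin and its behaviour tightened."""
    out = copy.deepcopy(cfg)
    api = out["Origins"]["Items"][1]
    api["CustomOriginConfig"]["OriginProtocolPolicy"] = "https-only"
    api["CustomHeaders"] = {"Quantity": 1, "Items": [  # hypothetical header name
        {"HeaderName": "X-Origin-Verify", "HeaderValue": "PLACEHOLDER"}]}
    out["CacheBehaviors"]["Items"][0]["ViewerProtocolPolicy"] = "redirect-to-https"
    return out
```

The custom header only helps if the web server on the instance rejects requests that lack it; the audit checks the distribution side alone.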