Tags: amazon-web-services, amazon-s3, https, amazon-cloudfront, amazon-elb

HTTPS, AWS ELB, CloudFront & S3


Background: My division of bigcorp.com was sold off and now we are lilcorp.com. We have a fleet of appliances deployed that will be looking for software updates on https://updates.bigcorp.com/, but since we no longer control bigcorp.com, we need to update our appliances to check https://updates.lilcorp.com. bigcorp has given us a cert for updates.bigcorp.com and has a DNS CNAME in place that forwards traffic for updates.bigcorp.com to server.lilcorp.com.

I'm trying to config things like this:

              HTTPS           HTTPS
Appliance -----------> ELB -----------> CloudFront ----------> S3
                    Cert for             Cert for
                    updates.             updates.
                    bigcorp.             lilcorp.
                      com                  com

I've got the following DNS records in place:

  • updates.bigcorp.com CNAME to server.lilcorp.com
  • server.lilcorp.com CNAME to ELB
  • updates.lilcorp.com CNAME to CloudFront.net address

CloudFront is configured to use an S3 bucket as its origin.

Status: Things work if I hit CloudFront directly, but that doesn't help since the appliances are hitting the updates.bigcorp.com address.

Questions:

  • Can an ELB forward to a CloudFront deployment? I'm not seeing how to make it a "target".
  • Do I need to put a web server in the middle of this to handle the redirect/forward?

Thanks in advance.


Solution

  • Can an ELB forward to a CloudFront deployment? I'm not seeing how to make it a "target".

    No, it cannot. The target (for ALB) can only be a private IP address, a Lambda function, or an instance ID.

  • Do I need to put a web server in the middle of this to handle the redirect/forward?

    Yes, you would need some kind of proxy. With ALB, you could use a Lambda function: the ALB would invoke the Lambda function, and the function would query the external CloudFront distro and return the results.
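
The Lambda-behind-ALB proxy described in the answer, as an added example (not code from the question or the answer): a Python handler that relays GET requests to a fixed CloudFront alias, so nothing in the request can choose the upstream host. It assumes the alias is updates.lilcorp.com, that objects are addressed by path only, and that the appliances follow a redirect for objects too large for ALB's 1 MB Lambda response limit; `fetcher` and `MAX_BODY` are hypothetical names.

```python
import base64
import http.client
import urllib.error
import urllib.parse
import urllib.request

UPSTREAM_HOST = "updates.lilcorp.com"  # CloudFront alias from the question
MAX_BODY = 700_000  # assumption: keeps the base64 body under ALB's 1 MB Lambda response limit

def build_upstream_url(event):
    """Map the ALB request path onto the fixed upstream; client input never picks the host."""
    path = urllib.parse.unquote(event.get("path") or "/")
    if not path.startswith("/") or ".." in path.split("/"):
        raise ValueError("rejected path")
    # Query strings are dropped: objects in the S3 origin are addressed by path only.
    return "https://" + UPSTREAM_HOST + urllib.parse.quote(path)

def fetch(url):
    """Default fetcher: HTTPS GET using urllib's standard certificate verification."""
    try:
        with urllib.request.urlopen(url, timeout=10) as resp:
            ctype = resp.headers.get("Content-Type", "application/octet-stream")
            return resp.status, ctype, resp.read(MAX_BODY + 1)
    except urllib.error.HTTPError as err:
        return err.code, "text/plain", b""

def reply(status, ctype, body, extra=None):
    """Build the response dictionary an ALB Lambda target must return."""
    return {
        "statusCode": status,
        "statusDescription": f"{status} {http.client.responses.get(status, 'Unknown')}",
        "headers": {"Content-Type": ctype, **(extra or {})},
        "isBase64Encoded": True,
        "body": base64.b64encode(body).decode("ascii"),
    }

def handler(event, context=None, fetcher=fetch):
    """Lambda entry point; `fetcher` is a hypothetical hook so the logic can be tested offline."""
    if event.get("httpMethod") != "GET":
        return reply(405, "text/plain", b"method not allowed")
    try:
        url = build_upstream_url(event)
    except ValueError:
        return reply(400, "text/plain", b"bad path")
    status, ctype, body = fetcher(url)
    if len(body) > MAX_BODY:
        # Too large to relay through Lambda: point the client at CloudFront instead.
        return reply(302, "text/plain", b"", {"Location": url})
    return reply(status, ctype, body)
```

The ALB listener still terminates TLS with the updates.bigcorp.com certificate; the function only handles the hop from the load balancer to CloudFront.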