• Skip to main content

Uly.me

cloud engineer

  • Home
  • About
  • Archives

elb

AWS ELB SSL Listener

January 31, 2022

Here’s how to update SSL certificates to AWS ELB.

Import SSL certificate

aws acm import-certificate \
--certificate fileb://example.crt \
--private-key fileb://example.key \
--certificate-chain fileb://example-bundle.crt \
--tags Key=Name,Value=mydomain.com_20220107 \
--profile default

aws acm import-certificate \ --certificate fileb://example.crt \ --private-key fileb://example.key \ --certificate-chain fileb://example-bundle.crt \ --tags Key=Name,Value=mydomain.com_20220107 \ --profile default

Add SSL to a listener.

aws elbv2 add-listener-certificates \
--listener-arn arn:aws:elasticloadbalancing:us-east-1:xxxxxxxxxxxxx:listener/app/elbname/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx \
--certificates CertificateArn=arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx \
--profile default

aws elbv2 add-listener-certificates \ --listener-arn arn:aws:elasticloadbalancing:us-east-1:xxxxxxxxxxxxx:listener/app/elbname/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx \ --certificates CertificateArn=arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx \ --profile default

Modify listener. Set SSL certificate as default.

aws elbv2 modify-listener \
--listener-arn arn:aws:elasticloadbalancing:us-east-1:xxxxxxxxxxxxx:listener/app/elbname/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx \
--certificates CertificateArn=arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx \
--profile default

aws elbv2 modify-listener \ --listener-arn arn:aws:elasticloadbalancing:us-east-1:xxxxxxxxxxxxx:listener/app/elbname/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx \ --certificates CertificateArn=arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx \ --profile default

Remove SSL from a listener.

aws elbv2 remove-listener-certificates \
--listener-arn arn:aws:elasticloadbalancing:us-east-1:xxxxxxxxxxxxx:listener/app/elbname/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx \
--certificates CertificateArn=arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx \
--profile default

aws elbv2 remove-listener-certificates \ --listener-arn arn:aws:elasticloadbalancing:us-east-1:xxxxxxxxxxxxx:listener/app/elbname/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx \ --certificates CertificateArn=arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx \ --profile default

Filed Under: Linux Tagged With: add, aws, certificate, default, elb, listener, remove, ssl

AWS List of Application LB

August 17, 2020

Here’s how to display a list of application load balancers.

aws elbv2 describe-load-balancers --profile --region us-east-1

aws elbv2 describe-load-balancers --profile --region us-east-1

Here’s how to display classic load balancers.

aws elb describe-load-balancers --profile --region us-east-1

aws elb describe-load-balancers --profile --region us-east-1

Filed Under: Cloud Tagged With: application, aws cli, elb, elbv2, load balancer

Change DNS Records in Route 53 via CLI

June 14, 2019

How to change DNS records in Route 53 via AWS CLI.

  • Assuming AWS CLI is already configured
  • Uses Route53 change-resource-record-sets to update DNS records
  • Substitute with your own hosted-zone-id
  • Uses JSON files containing record sets
  • See JSON file examples below
cd /path/to/scripts/
# the command to switch to the elb
aws route53 change-resource-record-sets --hosted-zone-id xxxxxxxxxxxxxx --change-batch file://elb.json
# the command to switch to standard site
aws route53 change-resource-record-sets --hosted-zone-id xxxxxxxxxxxxxx --change-batch file://live.json

cd /path/to/scripts/ # the command to switch to the elb aws route53 change-resource-record-sets --hosted-zone-id xxxxxxxxxxxxxx --change-batch file://elb.json # the command to switch to standard site aws route53 change-resource-record-sets --hosted-zone-id xxxxxxxxxxxxxx --change-batch file://live.json

elb.json = points to AWS ELB (elastic load balancer)

{
   "Comment": "back to elb",
   "Changes": [
      {
         "Action": "UPSERT",
         "ResourceRecordSet": {
            "Name": "yourdomain.com",
            "Type": "A",
            "AliasTarget": {
               "HostedZoneId": "xxxxxxxxxxxxxx",
               "EvaluateTargetHealth": false,
               "DNSName": "xxxxxxxxxxxxx.us-east-1.elb.amazonaws.com."
            }
         }
      }
   ]
}

{ "Comment": "back to elb", "Changes": [ { "Action": "UPSERT", "ResourceRecordSet": { "Name": "yourdomain.com", "Type": "A", "AliasTarget": { "HostedZoneId": "xxxxxxxxxxxxxx", "EvaluateTargetHealth": false, "DNSName": "xxxxxxxxxxxxx.us-east-1.elb.amazonaws.com." } } } ] }

live.json = points to your standard site. Value is your IP Address.

{
   "Comment": "back to live",
   "Changes": [
      {
         "Action": "UPSERT",
         "ResourceRecordSet": {
            "Name": "yourdomain.com",
            "Type": "A",
            "TTL": 60,
            "ResourceRecords": [
               {
                  "Value": "xxx.xxx.xxx.xxx"
               }
            ]
         }
      }
   ]
}

{ "Comment": "back to live", "Changes": [ { "Action": "UPSERT", "ResourceRecordSet": { "Name": "yourdomain.com", "Type": "A", "TTL": 60, "ResourceRecords": [ { "Value": "xxx.xxx.xxx.xxx" } ] } } ] }

Filed Under: Cloud Tagged With: change, cli, dns, domains, elb, json, records, route 53

  • Home
  • About
  • Archives

Copyright © 2023