Merge pull request #36 from hashicorp/bf-add-port-80

Brandon Ferguson · web-flow · commit 86d56f27de36 · 2019-11-08T14:27:00.000+01:00
Open up port 80 and have the LB forward to 443
diff --git a/modules/common-user-vpc/security_groups.tf b/modules/common-user-vpc/security_groups.tf
@@ -52,6 +52,16 @@ resource "aws_security_group" "allow_ptfe" {
     cidr_blocks = ["0.0.0.0/0"]
   }
 
+  ingress {
+    description = "http to ptfe application"
+
+    protocol  = "tcp"
+    from_port = 80
+    to_port   = 80
+
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
   ingress {
     description = "https to ptfe application"
 
diff --git a/modules/lb/elb.tf b/modules/lb/elb.tf
@@ -37,6 +37,22 @@ resource "aws_lb_target_group" "admin" {
   }
 }
 
+resource "aws_lb_listener" "http" {
+  load_balancer_arn = "${aws_lb.ptfe.arn}"
+  port              = "80"
+  protocol          = "HTTP"
+
+  default_action {
+    type = "redirect"
+
+    redirect {
+      port        = "443"
+      protocol    = "HTTPS"
+      status_code = "HTTP_301"
+    }
+  }
+}
+
 resource "aws_lb_listener" "https" {
   load_balancer_arn = "${aws_lb.ptfe.arn}"
   port              = "443"
diff --git a/modules/lb/security-groups.tf b/modules/lb/security-groups.tf
@@ -39,6 +39,14 @@ resource "aws_security_group" "lb_public" {
     cidr_blocks = ["0.0.0.0/0"]
   }
 
+  ingress {
+    description = "http to ptfe application"
+    protocol    = "tcp"
+    from_port   = 80
+    to_port     = 80
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
   ingress {
     description = "https to ptfe application"
     protocol    = "tcp"
