I’m trying to deploy an ElasticBeanstalk instance which has a loadbalancer rule to only forward requests to a target group when their Host header value matches an expected url. I’ve managed to setup this rule, but I want any other requests to get returned 400 responses.
In the setup that I have now, ElasticBeanstalk automatically uses the default action of forwarding traffic to the target group that it creates on both rules, but I’d like to change the default rule so it returns 400 responses.
Here’s part of the configuration that I’m working on (I’ve removed unrelated parts of the configuration as it would be too big):
const optionsCluster: elasticBeanstalk.CfnEnvironment.OptionSettingProperty[] = [
// Other config options,
{
namespace: 'aws:elasticbeanstalk:application',
optionName: 'Application Healthcheck URL',
value: config.searchHealthCheckPath
},
{
namespace: 'aws:elasticbeanstalk:environment:process:default',
optionName: 'HealthCheckPath',
value: config.searchHealthCheckPath
}
];
// More other configs..
const optionSSLCertificateArns: elasticBeanstalk.CfnEnvironment.OptionSettingProperty = {
namespace: "aws:elbv2:listener:443",
optionName: "SSLCertificateArns",
value: sslCertificateArn
};
const optionProtocol: elasticBeanstalk.CfnEnvironment.OptionSettingProperty = {
namespace: "aws:elbv2:listener:443",
optionName: "Protocol",
value: "HTTPS"
}
const optionHandleWhitelistedRequestRule: elasticBeanstalk.CfnEnvironment.OptionSettingProperty = {
namespace: "aws:elbv2:listenerrule:handleWhitelistedHosts",
optionName: "HostHeaders",
value: config.searchWhitelistedHost
}
const optionListener: elasticBeanstalk.CfnEnvironment.OptionSettingProperty = {
namespace: "aws:elbv2:listener:443",
optionName: "Rules",
value: "handleWhitelistedHosts"
}
const optionDefaultListenerEnabled: elasticBeanstalk.CfnEnvironment.OptionSettingProperty = {
namespace: "aws:elbv2:listener:default",
optionName: "ListenerEnabled",
value: "false"
};
optionsCluster.push(optionProtocol);
optionsCluster.push(optionSSLCertificateArns);
optionsCluster.push(optionListener)
optionsCluster.push(optionHandleWhitelistedRequestRule)
optionsCluster.push(optionDefaultListenerEnabled)
const options: elasticBeanstalk.CfnEnvironment.OptionSettingProperty[] = [
...optionsEnvironmentVariables,
...optionsVpc,
...optionsCluster,
...optionsAutoscaling,
];
const environment = new elasticBeanstalk.CfnEnvironment(scope, `<NAME>`, {
environmentName: `<NAME>`,
applicationName: appName,
solutionStackName: '64bit Amazon Linux 2023 v6.1.0 running Node.js 20',
versionLabel: version.ref,
optionSettings: options
});
The docs mention the DefaultProcess property, but I can’t find any way to set a fixed response or change the default process to point to the target group for the rule that is setup.
- Change ElasticBeanstalk default process: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html#command-options-general-environmentprocess
- Change Port default process https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html#command-options-general-elbv2-listener
ChatGPT keeps mentioning a DefaultAction setting, but this is rejected by the validation when I try to deploy:
namespace: 'aws:elb:listener:443',
optionName: 'DefaultAction',
value: JSON.stringify({
type: 'fixed-response',
fixedResponseConfig: {
statusCode: '400',
contentType: 'text/plain',
messageBody: '400 Bad Request',
},
}),
Thanks in advance!