Go to AWS ACM Service
Request a certificate for your selected Hosted zone
Choose DNS validation if the hosted zone is in AWS; otherwise choose Email validation
Create a Route 53 record to trigger DNS validation
STEP-1 : Go to AWS Certificate Manager
STEP-2 : Click on Request Certificate.
STEP-3 : Select Request a public certificate. Click Next
STEP-4 : Enter your DNS name.
STEP-5 : Click on Request.
STEP-6 : Open your certificate and click on Create Records in Route 53.
STEP-7 : Select your Route 53 DNS name and click Create records.
Target Group
Go to AWS EC2 service
Create a target group using port 443 and the ControlPlane EC2 instance
Add health check using
STEP-1 : Go to Target Group subsection in EC2 view.
STEP-2 : Click on Create target group in the top right side of the view.
STEP-3 : Specify your configurations.
Recommended Values
Option | Value |
Target Type | Instances |
Protocol | HTTPS/443 |
VPC | default |
Protocol version | HTTP1 |
Health check protocol | HTTPS |
Health check path | /api |
Advanced Health Settings | default |
STEP-4 : Click on Next
STEP-5 : Select your AWS instances.
STEP-6 : Add 443 as Ports for the selected instance. Click Include as pending below.
STEP-7 : Click on Create Target Group and your target group will be created.
Next, let’s create Load Balancer.
Load Balancer
Go to AWS Load Balancer Service
Request an Application Load Balancer
Choose the HTTPS protocol
Select the ACM certificate and target group created above
STEP-1 : Go to Load Balancer in the EC2 section view. Click on Create Load Balancer in the top left of the view.
STEP-2 : Click on Create under the Application Load Balancer type. Specify your configuration.
Option | Value |
Scheme | Internet Facing |
IP address Type | IPv4 |
VPC | default |
Security Group | default |
Listener Protocol | HTTPS/443 |
Select a target group | Target Group created above |
Default SSL/TLS certificate | Select your Route 53 certificate from ACM |
Other Settings | default |
STEP-3 : Click on Create Load Balancer.
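To confirm that the target group and load balancer ended up with the values in the tables above, the following added example (not part of the original guide or the Roost project) audits their settings offline. It assumes the combined JSON output of `aws elbv2 describe-target-groups`, `describe-listeners` and `describe-load-balancers`; the sample document and its ARNs are constructed placeholders.

```python
import json

# Constructed sample in the shape of the three `aws elbv2 describe-*` outputs,
# merged into one document; the ARNs are placeholders, not real resources.
SAMPLE = json.loads("""
{
  "TargetGroups": [{"TargetGroupArn": "arn:aws:elasticloadbalancing:REGION:ACCOUNT:targetgroup/example-tg/0",
    "TargetType": "instance", "Protocol": "HTTPS", "Port": 443, "ProtocolVersion": "HTTP1",
    "HealthCheckProtocol": "HTTPS", "HealthCheckPath": "/api"}],
  "Listeners": [{"Protocol": "HTTPS", "Port": 443,
    "Certificates": [{"CertificateArn": "arn:aws:acm:REGION:ACCOUNT:certificate/EXAMPLE"}],
    "DefaultActions": [{"Type": "forward",
      "TargetGroupArn": "arn:aws:elasticloadbalancing:REGION:ACCOUNT:targetgroup/example-tg/0"}]}],
  "LoadBalancers": [{"Type": "application", "Scheme": "internet-facing", "IpAddressType": "ipv4"}]
}
""")

# Values taken from the guide's tables, expressed as AWS API field names.
EXPECTED_TG = {"TargetType": "instance", "Protocol": "HTTPS", "Port": 443,
               "ProtocolVersion": "HTTP1", "HealthCheckProtocol": "HTTPS",
               "HealthCheckPath": "/api"}
EXPECTED_LB = {"Type": "application", "Scheme": "internet-facing", "IpAddressType": "ipv4"}

def audit(cfg):
    """Return a list of findings; an empty list means the setup matches the tables."""
    findings = []
    tg_arns = {tg.get("TargetGroupArn") for tg in cfg.get("TargetGroups", [])} - {None}
    for tg in cfg.get("TargetGroups", []):
        for key, want in EXPECTED_TG.items():
            if tg.get(key) != want:
                findings.append(f"target group: {key} is {tg.get(key)!r}, expected {want!r}")
    for lb in cfg.get("LoadBalancers", []):
        for key, want in EXPECTED_LB.items():
            if lb.get(key) != want:
                findings.append(f"load balancer: {key} is {lb.get(key)!r}, expected {want!r}")
    for ls in cfg.get("Listeners", []):
        if (ls.get("Protocol"), ls.get("Port")) != ("HTTPS", 443):
            findings.append(f"listener: {ls.get('Protocol')}/{ls.get('Port')} is not HTTPS/443")
        elif not ls.get("Certificates"):
            findings.append("listener: HTTPS listener has no ACM certificate attached")
        forwards = {a.get("TargetGroupArn") for a in ls.get("DefaultActions", [])
                    if a.get("Type") == "forward"}
        if not forwards & tg_arns:
            findings.append("listener: default action does not forward to the target group")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE) or "configuration matches the recommended values")
```

A plain HTTP listener or a health check on a different path shows up as a finding, which helps catch drift after later console changes.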
Route 53
Finally, go to AWS Route 53 Service
Create a simple routing record for your domain and point it to the ALB created above
STEP-1 : Go to Hosted Zone in the Route 53 section. If a hosted zone already exists, click it; otherwise click Create hosted zone.
STEP-2 : Click on Create Record after selecting your hosted zone.
Option | Value |
Record name | Keep it Empty |
Record Type | A |
Alias | Enable |
Region | Choose your ALB region |
Resources | Choose your ALB |
STEP-3 : Click on Create Records.
Route 53 will now route traffic for your domain to your ALB.
Overall Control Flow of Roost
User Browser → Route53 → ALB → Target-Group → EC2 → Application