Test 299: AWS Application Load Balancer Redirects HTTP to HTTPS

Drata validates that every AWS Application Load Balancer listener has a rule that redirects unencrypted HTTP traffic to HTTPS.

Updated over 2 weeks ago

ASSOCIATED DRATA CONTROL

This test is part of the Encryption in Transit control (DCF-55) that ensures data in transit is encrypted using strong cryptographic algorithms.

WHAT TO DO IF A TEST FAILS

If Drata finds that one or more AWS Application Load Balancer listeners do not have a rule that redirects unencrypted HTTP traffic to HTTPS, the test will fail.

STEPS TO REMEDIATE

  1. Sign in to the AWS Management Console and go to the Amazon EC2 Console.

  2. In the navigation panel, choose 'Load Balancers' under 'Load Balancing' and select the Application Load Balancer that is failing this test.

  3. Select the 'Listener' tab in the lower pane and edit the HTTP listener.

  4. If an HTTP (port 80) listener does not already exist, click on 'Add listener' and create an HTTP listener.

    • If it exists, click on 'view/edit rules'.

  5. Configure the redirect rule: click the '+' icon, set the condition to match all incoming HTTP requests, and for the action choose 'Redirect to', configured as follows:

    • Protocol: HTTPS

    • Port: 443

    • Status code: 301 (Moved Permanently) or 302 (Found)

  6. Save the rule and repeat for each failing load balancer listener.
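
As an added example (not Drata's own code or test logic), the Python below checks listener data, in the shape returned by the ELBv2 DescribeListeners and DescribeRules APIs, for the redirect configured in the steps above. The function names, status labels and sample ARNs are assumptions constructed for illustration.

```python
# Added example (not Drata's implementation). Inputs mirror the shape of the
# ELBv2 DescribeListeners / DescribeRules responses; all ARNs are constructed.

def redirects_to_https(action):
    """True if the action is a redirect whose target protocol is HTTPS."""
    if action.get("Type") != "redirect":
        return False
    # Default "#{protocol}" keeps the request's scheme, i.e. HTTP stays HTTP.
    protocol = action.get("RedirectConfig", {}).get("Protocol", "#{protocol}")
    return protocol.upper() == "HTTPS"

def audit_listener(listener, rules=()):
    """Return 'not-http', 'pass', 'conditional' or 'fail' for one listener."""
    if listener["Protocol"] != "HTTP":
        return "not-http"
    if any(redirects_to_https(a) for a in listener.get("DefaultActions", [])):
        return "pass"  # the catch-all default rule redirects
    conditional = any(redirects_to_https(a)
                      for r in rules if not r.get("IsDefault")
                      for a in r.get("Actions", []))
    # A redirect behind conditions may not cover every request: review it.
    return "conditional" if conditional else "fail"

def findings(listeners, rules_by_listener):
    """Map listener ARN -> status for HTTP listeners that did not pass."""
    out = {}
    for l in listeners:
        status = audit_listener(l, rules_by_listener.get(l["ListenerArn"], []))
        if status in ("conditional", "fail"):
            out[l["ListenerArn"]] = status
    return out

ARN = "arn:aws:elasticloadbalancing:us-east-1:111122223333:listener/app/demo/0/"
REDIRECT = {"Type": "redirect", "RedirectConfig": {
    "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}
FORWARD = {"Type": "forward"}  # target group omitted in this constructed sample
SAMPLE_LISTENERS = [
    {"ListenerArn": ARN + "a", "Protocol": "HTTP", "Port": 80, "DefaultActions": [REDIRECT]},
    {"ListenerArn": ARN + "b", "Protocol": "HTTP", "Port": 80, "DefaultActions": [FORWARD]},
    {"ListenerArn": ARN + "c", "Protocol": "HTTPS", "Port": 443, "DefaultActions": [FORWARD]},
    {"ListenerArn": ARN + "d", "Protocol": "HTTP", "Port": 8080, "DefaultActions": [FORWARD]},
]
SAMPLE_RULES = {ARN + "d": [
    {"IsDefault": False, "Actions": [REDIRECT]},
    {"IsDefault": True, "Actions": [FORWARD]},
]}

if __name__ == "__main__":
    for arn, status in findings(SAMPLE_LISTENERS, SAMPLE_RULES).items():
        print(status, arn)
```

With live data, the listener and rule dictionaries can be taken from the boto3 `elbv2` client's `describe_listeners` and `describe_rules` responses.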
