Add endpoints

Endpoints represent the FQDN or the IP address that clients connect to. It can be internal, that is within the VPC. Clients can access the application only within the internal network. If an external endpoint is selected, any client can access the application over the internet.

The FQDN can be auto-allocated or user-defined. Auto-allocated lets you use a DNS provider other than AWS Route 53. The FQDN is displayed after you deploy the application. You must add this FQDN as a CNAME in your authoritative DNS zone configuration. User-defined lets you use AWS Route 53 as a DNS provider to host your application’s FQDN. You must have bought and registered a domain with Route 53. That is, the zone must be properly acquired from AWS or delegated to AWS. For more information, see https://docs.aws.amazon.com/acm/latest/userguide/setup-domain.html. For example, if the registered zone is example.net and the domain is app1, then app1.example.net is the FQDN that clients connect to access your app.

An endpoint must have a default content route associated with it. The route includes the conditions and a target service. If the traffic matches the condition, the request is directed to the specified service.

Choose the clients who can access your application. Select Internal to deliver your application privately within the VPC. Only clients within the data center or VPC can access the application. Select External to deliver your application publicly. Any client on the internet can access the application.

Also specify the FQDN generation mode. Select Auto-allocated if you want to use a DNS provider other than Route 53 to host your application’s FQDN. The auto-allocated application FQDN is displayed in the Application dashboard after the application is deployed. Configure your application FQDN in your DNS provider as a CNAME record by using the auto-allocated FQDN. Select User-defined if you want to use Route 53 as a DNS provider to host your application’s FQDN. The application FQDN’s DNS zone must already be hosted in Route 53. Define an FQDN for the application. It is auto-configured in Route 53 during application deployment.

You can create or select an endpoint.

Follow these steps to select an endpoint.

  1. Navigate to Applications > New Application.
  2. Specify basic details, such as name of the application, environment, and services. For more information, see Deliver an application.
  3. Click Select.
  4. In the Select Endpoint page, select an endpoint from the list and click Add.

Follow these steps to create an endpoint.

  1. Navigate to Applications > New Application.
  2. Specify basic details, such as name of the application, environment, and services. For more information, see Deliver an application.
  3. Click Create.
  4. Specify values for the following parameters:
    • Name
    • Access: Specify Internal or External.
    • FQDN: Specify Auto allocated or User defined.
    • Protocol: Specify HTTP or HTTPS. If you select HTTPS, you must add a certificate and optionally, add an SSL policy to get an A+ rating for your applications. For more information, see Add an SSL certificate. You can select one or more certificates, if present, from the list. Select Auto Redirect HTTP traffic to HTTPS to ensure that the clients communicate over secure SSL.
    • Port
  5. Click Create.

    Create endpoint

  6. (Optional) To add a route based on some conditions click Add. Specify a name, condition, and a target service. Click Add.

    Add a route

  7. To add a default route, select a service from the Default Content route list. Click Add Default Content route. Requests that do match any condition are forwarded to this service.

    Default route

You have completed the steps to create an endpoint. Select from one of the following options:

  • Click Next to configure a load balancer, content rules, and security protection.
  • Click Deploy to start application delivery.

Add an SSL certificate

Add an SSL certificate if you select the HTTPS protocol. You can add an SSL certificate in the endpoint workflow or using the SSL Certificate Manager. For more information about the SSL Certificate Manager, see Manage SSL certificates.

Add an SSL certificate while adding an endpoint

  1. Click Add SSL Certificate.
  2. In the Select SSL Certificates page, click Create SSL Certificate.
  3. In the Create SSL Certificate page, type a certificate name.
  4. Browse to the location of the certificate and key file on your computer.
  5. If the key is encrypted, add a password.
  6. To add the certificate in the certificate chain, select Add certificate in certificate chain.
  7. Click Create.

Get an A+ rating from Qualys Labs

Perform the following actions to get an A+ rating from Qualys Labs for your applications.

  1. Click Add SSL Policy.
  2. In the Create SSL Policy page, type a name for the policy.
  3. Select A+ Security.
  4. Click Create.
Add endpoints