Creating a Target Group for Port 5443

1. Using the Find Services search tool, locate and browse to the EC2 dashboard.
2. In the left navigation panel, under Load Balancing, click Target Groups.
3. On the Target Groups management page, click Create target group.

4. On the Specify group details page, specify values for the following:
   1. Under Choose a target type, select Instances.
   2. Target group name: Select a descriptive name for easier identification; for example, srgdemo-5443-tg.
   3. Protocol: change to HTTPS.
   4. Port:Specify 5443.
   5. VPC: Select your VPC.
   6. Tags: (Optional) Add descriptive tags as desired.
   7. Health Checks: Under Health check protocol, select HTTPS. For path, specify /th/cmak.

5. Leave all other settings on the page at their default values, and click Next.
6. On the Register Targets page, set values for the following:
   1. Available instances:  Select your instances; however, do not select the bastion.
   2. Ports for the selected instances: For the selected instances, use the value you retrieved previously and recorded in the AWS worksheet as Node Port for Port 5443.

7. Click Include as pending below. All marked instances are added to the list of pending instances.

8. Click Create target group. You are redirected back to the target group management page.
9. From the list, select the newly created target group. From the bottom of the page, record its ARN in the AWS worksheet.

1. Run the following command:
   # aws elbv2 create-target-group \
--name <Target group 5443 Name> \
--protocol HTTPS \
--port 5443 \
--vpc-id <VPC ID> \
--health-check-protocol HTTPS \
--target-type instance

Where:

<Target group 5443 Name>: Specify a descriptive name, such as srgdemo-5443-tg, and record the value in the AWS worksheet.

<VPC ID>: The ID of your VPC as recorded in your AWS worksheet.

Example input and output:

# aws elbv2 create-target-group \
--name srgdemo-5443-tg \
--protocol HTTPS \
--port 5443 \
--vpc-id vpc-0143197ca9bd9c117 \
--health-check-protocol HTTPS \
--target-type instance

{
   "TargetGroups":[
      {
         "TargetGroupArn":"arn:aws:elasticloadbalancing:eu-central-\1:115370811111:targetgroup/srgdemo-3000-tg/c0684be94405b6b7",
         "TargetGroupName":"srgdemo-5443-tg",
         "Protocol":"HTTPS",
         "Port":5443,
         "VpcId":"vpc-0143197ca9bd9c117",
         "HealthCheckProtocol":"HTTPS",
         "HealthCheckPort":"traffic-port",
         "HealthCheckEnabled":true,
         "HealthCheckIntervalSeconds":30,
         "HealthCheckTimeoutSeconds":5,
         "HealthyThresholdCount":5,
         "UnhealthyThresholdCount":2,
         "HealthCheckPath":"/",
         "Matcher":{
            "HttpCode":"200"
         },
         "TargetType":"instance"
      }
   ]
}

2. From the output, record the value of TargetGroupArn in your AWS worksheet.

Tagging the Target Group (CLI)

Optionally, you can tag the target group for easier identification.

To tag the target group using the CLI:

1. Run the following command:
   # aws elbv2 add-tags \
--resource-arns <Target group 5443 ARN> \
--tags Key=owner,Value=<owner>

Example:

                    # aws elbv2 add-tags \
--resource-arns arn:aws:elasticloadbalancing:eu-central-1:115370811111:targetgroup/srgdemo-5443-tg/c0684be94405b6b7 \
--tags Key=owner,Value=srgdemo