agent: |
List all AWS ALB Listeners without HTTPS Redirection
This task identifies and lists AWS ALB listeners that are not configured to redirect HTTP traffic to HTTPS, potentially exposing unencrypted data in transit.
import boto3
from botocore.exceptions import ClientError
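# Audit plain-HTTP load balancer listeners whose default action does not
# redirect the client to HTTPS.
#
# Names provided by the runbook platform rather than by this script:
#   _get_creds / cred_label - credential lookup; 'username' holds the access
#                             key id and 'password' the secret access key
#   target_region           - optional; when unset or empty, every region
#                             returned by describe_regions is scanned
#   context                 - task context object
#
# The script only reads configuration; credentials limited to
# ec2:DescribeRegions, elasticloadbalancing:DescribeLoadBalancers and
# elasticloadbalancing:DescribeListeners are sufficient.
#
# Limitation: only each listener's DefaultActions are inspected. Listener
# rules are not fetched, so a rule that forwards some paths over HTTP on a
# listener whose default action redirects is not reported.
creds = _get_creds(cred_label)['creds']
access_key = creds['username']
secret_key = creds['password']

# target_region = 'us-east-1'  # Set this to your desired region or None for all regions


def _redirects_to_https(listener):
    """Return True if a default action of *listener* redirects to HTTPS.

    A 'redirect' action alone is not enough: its RedirectConfig protocol may
    be 'HTTP' or '#{protocol}', both of which keep an HTTP request on HTTP.
    """
    for action in listener.get('DefaultActions', []):
        if action.get('Type') != 'redirect':
            continue
        if action.get('RedirectConfig', {}).get('Protocol') == 'HTTPS':
            return True
    return False


# Initialize the EC2 client to get a list of all regions
ec2_client = boto3.client(
    'ec2',
    aws_access_key_id=access_key,
    aws_secret_access_key=secret_key,
    region_name='us-east-1',
)

# If target_region is not defined or None, fetch all regions, otherwise use the provided region
if locals().get('target_region'):
    regions = [target_region]
else:
    regions = [r['RegionName'] for r in ec2_client.describe_regions()['Regions']]

# Iterate through the selected regions to check ALB listeners
for region in regions:
    elbv2_client = boto3.client(
        'elbv2',
        aws_access_key_id=access_key,
        aws_secret_access_key=secret_key,
        region_name=region,
    )
    listeners_without_redirect = []
    total_listeners = 0  # Counter to keep track of total listeners

    print(f"\nChecking ALB listeners in region {region}...")

    # Paginate: a single describe_load_balancers call returns only the first
    # page, so load balancers beyond it would silently escape the audit.
    try:
        lb_pages = elbv2_client.get_paginator('describe_load_balancers').paginate()
        load_balancers = [
            lb for page in lb_pages for lb in page.get('LoadBalancers', [])
        ]
    except ClientError as e:
        print(f"Error fetching ALB list in region {region}: {e}")
        continue  # Skip to the next region if there's an error fetching ALBs for this one

    for lb in load_balancers:
        try:
            listener_pages = elbv2_client.get_paginator('describe_listeners').paginate(
                LoadBalancerArn=lb['LoadBalancerArn']
            )
            listeners = [
                item for page in listener_pages for item in page.get('Listeners', [])
            ]
        except ClientError as e:
            print(f"Error fetching listeners for ALB {lb['LoadBalancerName']} in region {region}: {e}")
            continue  # Skip to the next ALB if there's an error fetching listeners for this one

        total_listeners += len(listeners)

        for listener in listeners:
            # Only cleartext HTTP listeners need a redirect; HTTPS and the
            # TCP/TLS/UDP listeners of other load balancer types are skipped.
            if listener['Protocol'] != 'HTTP':
                continue
            if not _redirects_to_https(listener):
                listeners_without_redirect.append({
                    'Region': region,
                    'ALBName': lb['LoadBalancerName'],
                    'ListenerArn': listener['ListenerArn']
                })

    # Summary for the region
    if total_listeners == 0:
        print(f"No listeners found in region {region}.")
    elif listeners_without_redirect:
        # Raw list first, then one readable line per finding (output order
        # kept as in the original script).
        print(listeners_without_redirect)
        print(f"In region {region}, found {len(listeners_without_redirect)} listener(s) without HTTPS redirection:")
        for listener_info in listeners_without_redirect:
            print(f"Region: {listener_info['Region']}, ALB: {listener_info['ALBName']}, Listener ARN: {listener_info['ListenerArn']}")
    else:
        print(f"All listeners in region {region} have HTTPS redirection configured.")

context.skip_sub_tasks = True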