PRP-172 Set up DNS - Githubissues

navapbc / wic-participant-recertification-portal

https://navapbc.github.io/wic-participant-recertification-portal/

Apache License 2.0

0 stars 1 forks source link

PRP-172 Set up DNS #43

Closed aplybeah closed 1 year ago

aplybeah commented 1 year ago

Ticket

https://wicmtdp.atlassian.net/browse/PRP-172

Changes

updated port 80 rule to redirect instead of fixed-response
added port 443 listener with certificate and ssl policy
added certificate for wic-services.org and *.wic-services.org and registered it with our domain

Context for reviewers

We need to set up certificates in ACM, DNS management with Route 53, TLS, and confirm friendly url name

Testing

When complete users should be able to see the production environment here: wic-services.org
other environments are accessible at dev.wic-services.org and staging.wic-services.org respectively
checkov tests should pass:
- CKV_AWS_260 (Disallow ingress from 0.0.0.0:0 to port 80),
- CKV_AWS_2 (Implement HTTPS)
- CKV_AWS_103 (Require TLS 1.2 as part of implementing HTTPS support),
- CKV2_AWS_20 (redirect HTTP to HTTPS)