
How do I configure Kubernetes ingress to accept HTTPS only?

Context

When running applications in Kubernetes with a load balancer, you may want to enforce HTTPS-only connections for enhanced security. This is particularly important when using services like Cloudflare as your edge proxy and wanting to ensure all traffic is encrypted.

Answer

To configure your Kubernetes cluster to accept HTTPS connections only through AWS Load Balancer, follow these steps:

1. Remove the HTTP Listener Port (port 80) configuration from your Load Balancer settings while keeping the HTTPS Listener Port (443).
2. Ensure your IngressClass is configured for HTTPS only.
3. Configure your HTTPS Listener Port to 443.
4. Verify your Certificate ARN is properly set for SSL/TLS termination.

If you're using Cloudflare as your edge proxy:

- Enable "Always Use HTTPS" in your Cloudflare configuration to automatically redirect HTTP to HTTPS at the edge level.
- This eliminates the need for HTTP to HTTPS redirect at the Load Balancer level.
- Consider enabling HTTP Strict Transport Security (HSTS) for additional security.

This configuration ensures that your application only accepts secure HTTPS connections, improving your security posture by preventing unencrypted traffic from reaching your services.
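One way to check the result of the steps above, as an added example that is not part of the original article: a small audit of Ingress objects for leftover HTTP listeners and a missing certificate. It assumes the load balancer is provisioned by the AWS Load Balancer Controller and configured through its `alb.ingress.kubernetes.io/*` annotations, which the article does not state; the sample objects and the ARN placeholder are constructed.

```python
import json

# Annotation prefix of the AWS Load Balancer Controller (assumed; not named on the page).
ALB = "alb.ingress.kubernetes.io/"

def audit_ingress(ingress):
    """Return HTTPS-only findings for one Ingress object (kubectl get ingress -o json shape)."""
    ann = ingress.get("metadata", {}).get("annotations") or {}
    findings = []

    cert = ann.get(ALB + "certificate-arn", "").strip()
    if not cert:
        findings.append("no certificate-arn set for TLS termination")

    raw = ann.get(ALB + "listen-ports")
    if raw is None:
        # Controller default: HTTPS:443 when a certificate is set, otherwise HTTP:80.
        listeners = [{"HTTPS": 443}] if cert else [{"HTTP": 80}]
    else:
        try:
            listeners = json.loads(raw)
        except json.JSONDecodeError:
            return findings + ["listen-ports is not valid JSON"]
        if not (isinstance(listeners, list) and all(isinstance(l, dict) for l in listeners)):
            return findings + ["listen-ports is not a list of {protocol: port} objects"]

    pairs = [(proto.upper(), port) for l in listeners for proto, port in l.items()]
    for proto, port in pairs:
        if proto == "HTTP":
            findings.append(f"plain HTTP listener on port {port}")
    if ("HTTPS", 443) not in pairs:
        findings.append("no HTTPS listener on port 443")
    return findings

# Constructed sample objects; the ARN is a placeholder, not a real certificate.
CERT = "arn:aws:acm:REGION:ACCOUNT_ID:certificate/PLACEHOLDER"
BEFORE = {"metadata": {"name": "web", "annotations": {
    ALB + "certificate-arn": CERT,
    ALB + "listen-ports": '[{"HTTP": 80}, {"HTTPS": 443}]'}}}
AFTER = {"metadata": {"name": "web", "annotations": {
    ALB + "certificate-arn": CERT,
    ALB + "listen-ports": '[{"HTTPS": 443}]'}}}
NO_CERT = {"metadata": {"name": "web", "annotations": {}}}

if __name__ == "__main__":
    for label, obj in (("before", BEFORE), ("after", AFTER), ("no cert", NO_CERT)):
        print(label, audit_ingress(obj) or "HTTPS only")
```

An empty result means the object exposes only an HTTPS listener on 443 with a certificate set; the `NO_CERT` case shows why a missing certificate matters, since the controller then falls back to a plain HTTP listener on port 80.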
