I have an ECS Cluster with a task listening on for HTTP traffic on port 9090. I want to create an ALB to do the SSL termination and send the request onto the ECS task on port 9090. I got it to work with the ALB listening on port 80 - but not 443. It's still sending encrypted traffic to ECS. I see errors in the application logs showing the request being a jumbled mess (encrypted). There's a lot of different ports/target groups/etc and I think I'm just congused as to which to configure correctly:
ALB->Listener[port 443]->Target Group[port 9090]->ECS
Is creating a new ECS Service/Task the only way to make them a target group? You cannot pick it as an option when creating TGs through that UI.