Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Conditional redirect due to cutting the path value #387

Open
SergeySypalo opened this issue Nov 12, 2024 · 1 comment
Open

Conditional redirect due to cutting the path value #387

SergeySypalo opened this issue Nov 12, 2024 · 1 comment
Labels
stale

Comments

@SergeySypalo
Copy link

Description

I was building a private S3 website behind the штеуктфд load balancer using this guide:
https://aws.amazon.com/blogs/networking-and-content-delivery/hosting-internal-https-static-websites-with-alb-s3-and-privatelink/
Manually everything worked, but not via Terraform

Versions

  • Module version: 9.12.0

  • Terraform version: 1.98.0

  • Provider version(s): 5.75.1

Reproduction Code [Required]

module "alb" {
  source  = "terraform-aws-modules/alb/aws"
  version = "~> 9.12.0"

  name               = "serg-test-internal-alb"
  load_balancer_type = "application"
  internal           = true
  vpc_id             = local.vpc_id
  subnets            = local.private_subnet_ids
  security_groups    = [module.alb_sg.security_group_id]

  listeners = {
    ex-http-https-redirect = {
      port     = 80
      protocol = "HTTP"
      redirect = {
        port        = "443"
        protocol    = "HTTPS"
        status_code = "HTTP_301"
      }
    }
    ex-https = {
      port            = 443
      protocol        = "HTTPS"
      certificate_arn = module.acm.acm_certificate_arn
      forward = {
        target_group_key = "s3_vpce"
      }

      rules = {
        "web-redirect" = {
          priority = 100
          conditions = [{
            path_pattern = {
              values = ["*/"]
            }
          }]
          actions = [{
            type        = "redirect"
            status_code = "HTTP_301"
            redirect = {
              port  = "#{port}"
              host  = "#{host}"
              path  = "/#{path}index.html"
              query = "#{query}"
            }
          }]
        }
      }
    }
  }

  target_groups = {
    s3_vpce = {
      name_prefix      = "web"
      backend_protocol = "HTTP"
      backend_port     = 80
      target_type      = "ip"

      health_check = {
        enabled             = true
        interval            = 30
        path                = "/"
        port                = 80
        healthy_threshold   = 5
        unhealthy_threshold = 2
        timeout             = 5
        protocol            = "HTTP"
        matcher             = "200,307,405"
      }

      create_attachment = false
    }
  }

  tags = local.tags
}

Steps to reproduce the behavior:

feel free to replace acm and other local variable wit your values

Expected behavior

Terraform plan should show that it will create a path as I defined

  • redirect {
    + host = "#{host}"
    + path = "/#{path}index.html"
    + port = "#{port}"
    + protocol = "HTTPS"
    + query = "#{query}"
    + status_code = "HTTP_301"
    }

Actual behavior

But it cut index.html.part

  • redirect {
    + host = "#{host}"
    + path = "/#{path}index.html"
    + port = "#{port}"
    + protocol = "HTTPS"
    + query = "#{query}"
    + status_code = "HTTP_301"
    }

Terminal Output Screenshot(s)

That's why I keep on seeing this error, and and basically terraform apply failed:
module.alb.aws_lb_listener_rule.this["ex-https/web-redirect"]: Creating...

│ Error: creating ELBv2 Listener Rule: operation error Elastic Load Balancing v2: CreateRule, https response error StatusCode: 400, RequestID: 3453453-7b38-48ed-a177-34534543, InvalidLoadBalancerAction: The redirect configuration is not valid because it creates a loop.

Additional context

So as a fix, I commented rules section in ALB module and created them like this and the path was created as I provided, with index.html in the end:

resource "aws_lb_listener_rule" "web_redirect" {
  listener_arn = module.alb.listeners["ex-https"].arn
  priority     = 10

  action {
    type = "redirect"
    redirect {
      protocol    = "HTTPS"
      status_code = "HTTP_301"
      port        = "#{port}"
      host        = "#{host}"
      path        = "/#{path}index.html"
      query       = "#{query}"
    }
  }

  condition {
    path_pattern {
      values = ["*/"]
    }
  }
}
@github-actions GitHub Actions
Copy link

This issue has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this issue will be closed in 10 days

@github-actions github-actions bot added the stale label Dec 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@SergeySypalo