Blog Post

AWS ALB HTTP Header-Based Routing and Advanced Redirects with Terraform

June 2, 2025 AWS, DevOps, Infrastructure, Terraform by Reza

AWS ALB HTTP Header-Based Routing and Advanced Redirects with Terraform

Welcome back to my Terraform for AWS series focused on helping beginner DevOps engineers! 👋

In the previous part of this series, we implemented host-based routing for multiple applications behind an ALB. In this article, we take it further with HTTP Header-Based Routing and Redirect Rules.

This builds directly on our ALB module and expands the listener rules.

🔄 Key Changes Introduced in This Part

1. Listener Rules – HTTP Header-Based Routing

We replaced host-based rules with http_header-based routing. Instead of routing based on domain names, now traffic is routed based on a specific HTTP header called custom-header.

myapp1-rule = {
  actions = [{
    type = "weighted-forward"
    target_groups = [{
      target_group_key = "mytg1"
      weight = 1
    }]
    stickiness = {
      enabled  = true
      duration = 3600
    }
  }]
  conditions = [{
    http_header = {
      http_header_name = "custom-header"
      values = ["app-1", "app1", "my-app-1"]
    }
  }]
}

This block creates a routing rule that checks the HTTP header custom-header for values like app-1, app1, or my-app-1. If matched, traffic is forwarded to the target group mytg1. A similar block exists for mytg2 with header values app-2, app2, and my-app-2.

This is useful in multi-tenant apps or for routing based on custom API headers.

2. Redirect Rules Based on Query String and Host Header

We added two advanced redirect rules that demonstrate ALB’s flexibility:

A. Redirect by Query String

my-redirect-query = {
  priority = 3
  actions = [{
    type        = "redirect"
    status_code = "HTTP_302"
    host        = "rezaops.com"
    path        = "/dummy-query-redirect"
    protocol    = "HTTPS"
  }]
  conditions = [{
    query_string = {
      key   = "website"
      value = "aws-eks"
    }
  }]
}

➡️ If a request contains ?website=aws-eks, it will be redirected to https://rezaops.com/dummy-query-redirect. This is helpful for search-based or campaign-based routing.

B. Redirect by Host Header

my-redirect-hh = {
  priority = 4
  actions = [{
    type        = "redirect"
    status_code = "HTTP_302"
    host        = "rezaops.com"
    path        = "/dummy-host-header-redirect"
    protocol    = "HTTPS"
  }]
  conditions = [{
    host_header = {
      values = ["azure-aks11.rezaops.com"]
    }
  }]
}

➡️ This rule checks for the host header azure-aks11.rezaops.com and performs a redirect to a dummy path on rezaops.com. You can use this technique to guide users from deprecated subdomains to new paths or services.

These two examples show how to apply precise and user-friendly redirection logic at the load balancer level.

✅ What Stayed the Same

The ALB module version, target groups, and EC2 attachments remain unchanged:

Target groups mytg1 and mytg2 are still configured with HTTP health checks.
We use aws_lb_target_group_attachment to attach private EC2s to these target groups.

This consistency ensures zero disruption while adding new rules and behaviors.

📘 Summary

This part demonstrated how to:

Route traffic using custom HTTP headers
Configure advanced redirects using query strings and host headers

These techniques allow more granular control in multi-app, multi-tenant, or redirection-heavy environments.

📢 Coming Up Next:
Our next topic covers ALB-based redirects triggered by HTTP headers and query strings..

Stay tuned, and let me know your thoughts or questions in the comments!

Tags: Advanced Redirects ALB Rules Application Load Balancer AWS Beginner Friendly Cloud Architecture Cloud Networking DevOps HTTP Header Routing HTTPS Infrastructure as Code Load Balancing Routing Logic SRE Terraform Terraform Modules TLS

Write a comment