2

I have an aws_lb_listener that redirects all traffics to HTTPS but I would like to exclude certain paths. Is this possible? I only see a way to include not exclude.

resource "aws_lb_listener" "web_http" {
  load_balancer_arn = aws_lb.web.arn
  port              = "80"
  protocol          = "HTTP"

  default_action {
    type = "redirect"
    redirect {
      port        = "443"
      protocol    = "HTTPS"
      status_code = "HTTP_301" # permanent redirect
    }
  }
}
snickers_stickers
  • 129
  • 4

1 Answers1

1

You could make the redirect-to-https have a low priority — or high order as aws_lb_listener calls it — and create separate actions for the paths you want to exclude with a higher priority so that they get evaluated first.

Ali Samji
  • 479
  • 2
  • 7
  • nice that works! what actions do you create to prevent the redirects though? – snickers_stickers May 27 '21 at 00:14
  • It depends on what you want those other paths to do. You can have it provide a fixed response — like an error page — or have it forward the request to a target group. – Ali Samji May 27 '21 at 03:46
  • I just don't want the other paths to do anything -- just be static (e.g. comes from http --> goes to http) – snickers_stickers May 27 '21 at 06:20
  • Is your SSL on your web server instance or your load balancer? If the latter, you would need a forward action to send those paths to your web server over HTTP. If the former, you should be configuring these path rules through your virtual hosts on your web server software (Apache/Nginx), not via the load balancer. Also, why do you want to exclude certain paths from HTTPS? – Ali Samji May 27 '21 at 12:34