AWS ALB with Context Path-Based Routing Using Terraform

The AMJ Cloud Technologies DevOps team designed and deployed an AWS Application Load Balancer (ALB) with context path-based routing in a custom VPC for TechPulse Solutions. Using Terraform, we created a scalable infrastructure that routes /* to a fixed response, /shop* to ShopService EC2 instances, and /api* to ApiService EC2 instances, ensuring automated, secure, and modular deployment for their multi-tenant application platform.

Situation

TechPulse Solutions required a robust Infrastructure-as-Code (IaC) solution to deploy an ALB with context path-based routing in a custom VPC. Their goal was to support a multi-tenant application platform, securely isolating ShopService and ApiService while ensuring scalability. Manual configurations were time-consuming, error-prone, and hindered rapid deployment for their growing customer base.

Task

Create a Terraform-based infrastructure in AWS us-east-1 with:

• A custom VPC with public and private subnets, Internet Gateway, and NAT Gateway.
• Two EC2 instances each for ShopService and ApiService in private subnets, running Apache with distinct content.
• Security groups for ALB (HTTP:80) and EC2 instances (HTTP:80 from ALB).
• An ALB with an HTTP:80 listener routing /* to a fixed response, /shop* to ShopService target group, and /api* to ApiService target group.
• Modular Terraform code with consistent tagging (Environment=production, Project=ALB-Routing, Owner=Web-Team).
• Completion within three months.

Action

Our DevOps team implemented the following using Terraform, coding and validating key configurations:

Define Input Variables

• Example from variables.tf:

  variable "aws_region" {
    description = "AWS region"
    type        = string
    default     = "us-east-1"
  }
  variable "target_group_names" {
    description = "Names of the target groups"
    type        = list(string)
    default     = ["shopservice-tg", "apiservice-tg"]
  }

Configure ALB Routing

• Example from alb.tf:

  module "alb" {
    source  = "terraform-aws-modules/alb/aws"
    version = "9.17.0"
    name               = "techpulse-alb"
    load_balancer_type = "application"
    vpc_id             = module.vpc.vpc_id
    subnets            = module.vpc.public_subnets
    security_groups    = [module.loadbalancer_sg.security_group_id]
    target_groups = [
      {
        name             = var.target_group_names[0]
        backend_protocol = "HTTP"
        backend_port     = 80
        target_type      = "instance"
        health_check = {
          path = "/shop/index.html"
        }
      },
      {
        name             = var.target_group_names[1]
        backend_protocol = "HTTP"
        backend_port     = 80
        target_type      = "instance"
        health_check = {
          path = "/api/index.html"
        }
      }
    ]
    http_tcp_listeners = [
      {
        port        = 80
        protocol    = "HTTP"
        action_type = "fixed-response"
        fixed_response = {
          content_type = "text/plain"
          message_body = "Welcome to TechPulse Solutions"
          status_code  = "200"
        }
      }
    ]
    http_tcp_listener_rules = [
      {
        listener_index = 0
        priority       = 1
        actions = [{
          type               = "forward"
          target_group_index = 0
        }]
        conditions = [{
          path_patterns = ["/shop*"]
        }]
      },
      {
        listener_index = 0
        priority       = 2
        actions = [{
          type               = "forward"
          target_group_index = 1
        }]
        conditions = [{
          path_patterns = ["/api*"]
        }]
      }
    ]
    tags = {
      Environment = "production"
      Project     = "ALB-Routing"
    }
  }

Deploy ShopService EC2 Instances

• Example from ec2instance-shopservice.tf:

  module "ec2_shopservice" {
    source  = "terraform-aws-modules/ec2-instance/aws"
    version = "6.0.2"
    for_each = toset(["shopservice-instance1", "shopservice-instance2"])
    name                   = "techpulse-${each.key}"
    ami                    = data.aws_ami.amazon_linux.id
    instance_type          = var.instance_type
    vpc_security_group_ids = [module.private_sg.security_group_id]
    subnet_id              = module.vpc.private_subnets[0]
    user_data              = file("shopservice-install.sh")
    tags = {
      Environment = "production"
      Project     = "ALB-Routing"
      Owner       = "Web-Team"
    }
  }

• Example from shopservice-install.sh:

  #!/bin/bash
  yum update -y
  yum install -y httpd
  systemctl start httpd
  systemctl enable httpd
  mkdir -p /var/www/html/shop
  echo "<h1>Welcome to TechPulse ShopService</h1>" > /var/www/html/shop/index.html

Result

The AMJ Cloud Technologies DevOps team delivered for TechPulse Solutions:

• Deployment Automation: Fully automated VPC, ALB, and EC2 provisioning, enabling rapid deployment.
• Routing Efficiency: Accurate routing for /* (fixed response), /shop* (ShopService), and /api* (ApiService).
• Security Improvement: EC2 instances in private subnets with restricted access via security groups.
• Setup Time Reduction: Reduced from hours to minutes, supporting TechPulse’s multi-tenant platform.

Technologies Used

• AWS Application Load Balancer
• AWS VPC
• AWS EC2
• AWS Security Groups
• Terraform

Key Takeaways

This project highlights my expertise as a DevOps engineer at AMJ Cloud Technologies in designing and implementing a scalable AWS infrastructure using Terraform, enabling secure path-based routing for TechPulse Solutions’ multi-tenant application platform.

Architectural Diagram