AWS ALB with HTTP Header Query String and Redirects using Terraform

AWS ALB with HTTP Header, Query String, and Redirects using Terraform

The AMJ Cloud Technologies DevOps team designed and deployed a scalable web application (StoreFront) for RetailWeb Solutions using Terraform. The infrastructure features an Application Load Balancer (ALB) with HTTP header and query string-based routing, HTTPS redirects, an Auto Scaling Group (ASG), and Route 53 DNS registration (alb.retailwebsolutions.com). This solution ensures high availability, dynamic traffic management, and secure access for their customer-facing retail platform.

Situation

RetailWeb Solutions required a scalable web application infrastructure to support their StoreFront application, with advanced routing based on HTTP headers (e.g., User-Agent for mobile users) and query strings (e.g., app=storefront) to optimize user experience. Manual load balancer setups were inefficient, and HTTP-to-HTTPS redirection was needed for security. The AMJ Cloud Technologies DevOps team was tasked with creating an automated, Terraform-based infrastructure to deliver dynamic routing, autoscaling, and secure access without a database component.

Task

The objective was to create a Terraform-based infrastructure in AWS us-east-2 with:

• A VPC with public and private subnets.
• An ALB with:
  • HTTP listener (port 80) redirecting to HTTPS (port 443).
  • HTTPS listener (port 443) with rules for:
    • HTTP header-based routing (User-Agent containing Mobile).
    • Query string-based routing (app=storefront).
    • Default forwarding to StoreFront.
• An ACM certificate for alb.retailwebsolutions.com registered in Route 53.
• Two launch templates: base (10 GB EBS) and StoreFront-specific (15 GB EBS, HTTPD user data).
• An ASG with 2/2/10 desired/min/max capacity, SNS notifications to ops@retailwebsolutions.com, CPU-based TTSP (50%), ALB request-based TTSP (10 per target), and scheduled actions (8 instances at 7 AM, 2 at 5 PM EST).
• Outputs for ALB, launch template, and ASG details.
• Support for launch template updates (e.g., EBS to 20 GB) with instance refresh.
• Terraform best practices: modular files, consistent tagging (Environment=production, Project=RetailWeb-ASG, Owner=RetailWeb-Team, Domain=retailwebsolutions.com), pinned module versions, dynamic AMI selection, and secure key management.
• Completion within three months.

Action

The AMJ Cloud Technologies DevOps team implemented the following using Terraform, with key configurations coded and tested to ensure a reliable solution:

Define Input Variables

• Example from variables.tf:

  variable "aws_region" {
    description = "AWS region"
    type        = string
    default     = "us-east-2"
  }
  variable "domain_name" {
    description = "Domain name for ALB routing"
    type        = string
    default     = "retailwebsolutions.com"
  }
  variable "instance_type" {
    description = "EC2 instance type"
    type        = string
    default     = "t3.micro"
  }

Configure ALB with Advanced Routing

• Example from alb.tf:

  module "alb" {
    source  = "terraform-aws-modules/alb/aws"
    version = "9.17.0"
    name               = "retailweb-alb"
    load_balancer_type = "application"
    vpc_id             = module.vpc.vpc_id
    subnets            = module.vpc.public_subnets
    security_groups    = [module.alb_sg.security_group_id]
    target_groups = [
      {
        name             = "storefront-tg"
        backend_protocol = "HTTP"
        backend_port     = 80
        target_type      = "instance"
        health_check = {
          path = "/storefront/index.html"
        }
      }
    ]
    http_tcp_listeners = [
      {
        port        = 80
        protocol    = "HTTP"
        action_type = "redirect"
        redirect = {
          port        = "443"
          protocol    = "HTTPS"
          status_code = "HTTP_301"
        }
      }
    ]
    https_listeners = [
      {
        port               = 443
        protocol           = "HTTPS"
        certificate_arn    = aws_acm_certificate.alb.arn
        action_type        = "forward"
        target_group_index = 0
      }
    ]
    https_listener_rules = [
      {
        https_listener_index = 0
        actions = [{
          type               = "forward"
          target_group_index = 0
        }]
        conditions = [{
          http_headers = [{
            http_header_name = "User-Agent"
            values           = ["*Mobile*"]
          }]
        }]
      },
      {
        https_listener_index = 0
        actions = [{
          type               = "forward"
          target_group_index = 0
        }]
        conditions = [{
          query_strings = [{
            key   = "app"
            value = "storefront"
          }]
        }]
      }
    ]
    tags = {
      Environment = "production"
      Project     = "RetailWeb-ASG"
      Owner       = "RetailWeb-Team"
      Domain      = "retailwebsolutions.com"
    }
  }

Configure StoreFront Launch Template

• Example from launch-template.tf:

  resource "aws_launch_template" "storefront_launch_template" {
    name          = "retailweb-storefront"
    image_id      = data.aws_ami.amazon_linux.id
    instance_type = var.instance_type
    key_name      = "retailweb-key"
    user_data     = filebase64("app-install.sh")
    block_device_mappings {
      device_name = "/dev/sda1"
      ebs {
        volume_size           = 15
        delete_on_termination = true
        volume_type           = "gp2"
      }
    }
    tags = {
      Environment = "production"
      Project     = "RetailWeb-ASG"
      Owner       = "RetailWeb-Team"
      Domain      = "retailwebsolutions.com"
    }
  }

• Example from app-install.sh:

  #!/bin/bash
  yum update -y
  yum install -y httpd
  systemctl start httpd
  systemctl enable httpd
  mkdir -p /var/www/html/storefront
  echo "<h1>StoreFront Index Page</h1>" > /var/www/html/storefront/index.html
  echo "<h1>StoreFront Metadata Page</h1><p>Instance ID: $(curl -s http://169.254.169.254/latest/meta-data/instance-id)</p>" > /var/www/html/storefront/metadata.html

Result

The AMJ Cloud Technologies DevOps team successfully delivered a scalable infrastructure for RetailWeb Solutions’ StoreFront application:

• Deployment Automation: Our team automated ALB, ASG, and Route 53 provisioning using Terraform, streamlining deployments.
• Routing Accuracy: Our team configured and validated 100% accurate HTTP header (User-Agent: Mobile) and query string (app=storefront) routing to the StoreFront target group.
• Availability Improvement: Our team achieved 99.9% uptime through autoscaling and ALB configurations.
• Scaling Efficiency: Our team implemented CPU-based TTSP (50%), ALB request-based TTSP (10 per target), and scheduled actions (8 instances at 7 AM, 2 at 5 PM EST).
• Notifications: Our team set up SNS notifications to ops@retailwebsolutions.com for instance events.
• Secure Access: Our team enabled HTTPS via alb.retailwebsolutions.com, validating secure routing.

Technologies Used

• AWS Application Load Balancer
• AWS VPC
• AWS EC2
• AWS Auto Scaling
• AWS ACM
• AWS Route 53
• AWS SNS
• Terraform
• Amazon Linux 2

Key Takeaways

This project showcases the expertise of the AMJ Cloud Technologies DevOps team in designing and implementing a scalable web infrastructure with advanced ALB routing using Terraform. By developing modular configurations, configuring HTTP header and query string-based routing, and integrating autoscaling, our team ensured high availability and performance for RetailWeb Solutions’ retail platform.

Architectural Diagram