Conditional redirect due to cutting the path value

[SergeySypalo]

Description

I was building a private S3 website behind the штеуктфд load balancer using this guide:
https://aws.amazon.com/blogs/networking-and-content-delivery/hosting-internal-https-static-websites-with-alb-s3-and-privatelink/
Manually everything worked, but not via Terraform

Versions

• Module version: 9.12.0

• Terraform version: 1.98.0

• Provider version(s): 5.75.1

Reproduction Code [Required]

module "alb" {
  source  = "terraform-aws-modules/alb/aws"
  version = "~> 9.12.0"

  name               = "serg-test-internal-alb"
  load_balancer_type = "application"
  internal           = true
  vpc_id             = local.vpc_id
  subnets            = local.private_subnet_ids
  security_groups    = [module.alb_sg.security_group_id]

  listeners = {
    ex-http-https-redirect = {
      port     = 80
      protocol = "HTTP"
      redirect = {
        port        = "443"
        protocol    = "HTTPS"
        status_code = "HTTP_301"
      }
    }
    ex-https = {
      port            = 443
      protocol        = "HTTPS"
      certificate_arn = module.acm.acm_certificate_arn
      forward = {
        target_group_key = "s3_vpce"
      }

      rules = {
        "web-redirect" = {
          priority = 100
          conditions = [{
            path_pattern = {
              values = ["*/"]
            }
          }]
          actions = [{
            type        = "redirect"
            status_code = "HTTP_301"
            redirect = {
              port  = "#{port}"
              host  = "#{host}"
              path  = "/#{path}index.html"
              query = "#{query}"
            }
          }]
        }
      }
    }
  }

  target_groups = {
    s3_vpce = {
      name_prefix      = "web"
      backend_protocol = "HTTP"
      backend_port     = 80
      target_type      = "ip"

      health_check = {
        enabled             = true
        interval            = 30
        path                = "/"
        port                = 80
        healthy_threshold   = 5
        unhealthy_threshold = 2
        timeout             = 5
        protocol            = "HTTP"
        matcher             = "200,307,405"
      }

      create_attachment = false
    }
  }

  tags = local.tags
}

Steps to reproduce the behavior:

feel free to replace acm and other local variable wit your values

Expected behavior

Terraform plan should show that it will create a path as I defined

• redirect {
  + host = "#{host}"
  + path = "/#{path}index.html"
  + port = "#{port}"
  + protocol = "HTTPS"
  + query = "#{query}"
  + status_code = "HTTP_301"
  }

Actual behavior

But it cut index.html.part

• redirect {
  + host = "#{host}"
  + path = "/#{path}index.html"
  + port = "#{port}"
  + protocol = "HTTPS"
  + query = "#{query}"
  + status_code = "HTTP_301"
  }

Terminal Output Screenshot(s)

That's why I keep on seeing this error, and and basically terraform apply failed:
module.alb.aws_lb_listener_rule.this["ex-https/web-redirect"]: Creating...
╷
│ Error: creating ELBv2 Listener Rule: operation error Elastic Load Balancing v2: CreateRule, https response error StatusCode: 400, RequestID: 3453453-7b38-48ed-a177-34534543, InvalidLoadBalancerAction: The redirect configuration is not valid because it creates a loop.

Additional context

So as a fix, I commented rules section in ALB module and created them like this and the path was created as I provided, with index.html in the end:

resource "aws_lb_listener_rule" "web_redirect" {
  listener_arn = module.alb.listeners["ex-https"].arn
  priority     = 10

  action {
    type = "redirect"
    redirect {
      protocol    = "HTTPS"
      status_code = "HTTP_301"
      port        = "#{port}"
      host        = "#{host}"
      path        = "/#{path}index.html"
      query       = "#{query}"
    }
  }

  condition {
    path_pattern {
      values = ["*/"]
    }
  }
}