How to avoid creating a path condition in a load balancer rule when using the ALB ingress controller


There is a limit of 5 conditions per rule in an ALB listener. When I create an ingress resource on an EKS cluster, the ALB ingress controller creates a rule in the load balancer listener which has 2 conditions:

  1. HTTP Host Header is blabla.mycompany.com
  2. Path Pattern is /*

I need to be able to add 4 additional conditions for my application, but then it would exceed the 5 condition limit.

If I go to the AWS console and edit the load balancer rules manually, I can remove condition #2 and everything still works, so I don't actually need condition #2 to be there.

How can I define an ingress resource so the ALB ingress controller only adds the "Host Header" rule and leaves the 4 remaining condition slots empty?

Below is my current ingress definition. I've tried a few different things with pathType but it still generates the path condition:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    alb.ingress.kubernetes.io/certificate-arn: mycertificatearn
    alb.ingress.kubernetes.io/conditions.my-service: '[{"field":"source-ip",...'
    alb.ingress.kubernetes.io/group.name: my-alb-group
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80},{"HTTPS":443}]'
    alb.ingress.kubernetes.io/load-balancer-attributes: idle_timeout.timeout_seconds=150
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-2016-08
    alb.ingress.kubernetes.io/ssl-redirect: "443"
    alb.ingress.kubernetes.io/target-type: ip
    kubernetes.io/ingress.class: alb
  name: my-ingress
  namespace: my-namespace
spec:
  rules:
  - host: blabla.mycompany.com
    http:
      paths:
      - backend:
          service:
            name: my-service
            port:
              number: 80
        pathType: ImplementationSpecific

There is 1 best solution below


Here is the example that you are looking for: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/guide/ingress/annotations/ - its limit: 5 conditions in a rule.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  namespace: default
  name: ingress
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/actions.rule-path1: >
      {"type":"fixed-response","fixedResponseConfig":{"contentType":"text/plain","statusCode":"200","messageBody":"Host is www.example.com OR anno.example.com"}}
    alb.ingress.kubernetes.io/conditions.rule-path1: >
      [{"field":"host-header","hostHeaderConfig":{"values":["anno.example.com"]}}]
    alb.ingress.kubernetes.io/actions.rule-path2: >
      {"type":"fixed-response","fixedResponseConfig":{"contentType":"text/plain","statusCode":"200","messageBody":"Path is /path2 OR /anno/path2"}}
    alb.ingress.kubernetes.io/conditions.rule-path2: >
      [{"field":"path-pattern","pathPatternConfig":{"values":["/anno/path2"]}}]
    alb.ingress.kubernetes.io/actions.rule-path3: >
      {"type":"fixed-response","fixedResponseConfig":{"contentType":"text/plain","statusCode":"200","messageBody":"Http header HeaderName is HeaderValue1 OR HeaderValue2"}}
    alb.ingress.kubernetes.io/conditions.rule-path3: >
      [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "HeaderName", "values":["HeaderValue1", "HeaderValue2"]}}]
    alb.ingress.kubernetes.io/actions.rule-path4: >
      {"type":"fixed-response","fixedResponseConfig":{"contentType":"text/plain","statusCode":"200","messageBody":"Http request method is GET OR HEAD"}}
    alb.ingress.kubernetes.io/conditions.rule-path4: >
      [{"field":"http-request-method","httpRequestMethodConfig":{"Values":["GET", "HEAD"]}}]
    alb.ingress.kubernetes.io/actions.rule-path5: >
      {"type":"fixed-response","fixedResponseConfig":{"contentType":"text/plain","statusCode":"200","messageBody":"Query string is paramA:valueA1 OR paramA:valueA2"}}
    alb.ingress.kubernetes.io/conditions.rule-path5: >
      [{"field":"query-string","queryStringConfig":{"values":[{"key":"paramA","value":"valueA1"},{"key":"paramA","value":"valueA2"}]}}]
    alb.ingress.kubernetes.io/actions.rule-path6: >
      {"type":"fixed-response","fixedResponseConfig":{"contentType":"text/plain","statusCode":"200","messageBody":"Source IP is 192.168.0.0/16 OR 172.16.0.0/16"}}
    alb.ingress.kubernetes.io/conditions.rule-path6: >
      [{"field":"source-ip","sourceIpConfig":{"values":["192.168.0.0/16", "172.16.0.0/16"]}}]
    alb.ingress.kubernetes.io/actions.rule-path7: >
      {"type":"fixed-response","fixedResponseConfig":{"contentType":"text/plain","statusCode":"200","messageBody":"multiple conditions applies"}}
    alb.ingress.kubernetes.io/conditions.rule-path7: >
      [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "HeaderName", "values":["HeaderValue"]}},{"field":"query-string","queryStringConfig":{"values":[{"key":"paramA","value":"valueA"}]}},{"field":"query-string","queryStringConfig":{"values":[{"key":"paramB","value":"valueB"}]}}]
spec:
  rules:
    - host: www.example.com
      http:
        paths:
          - path: /path1
            backend:
              serviceName: rule-path1
              servicePort: use-annotation
          - path: /path2
            backend:
              serviceName: rule-path2
              servicePort: use-annotation
          - path: /path3
            backend:
              serviceName: rule-path3
              servicePort: use-annotation
          - path: /path4
            backend:
              serviceName: rule-path4
              servicePort: use-annotation
          - path: /path5
            backend:
              serviceName: rule-path5
              servicePort: use-annotation
          - path: /path6
            backend:
              serviceName: rule-path6
              servicePort: use-annotation
          - path: /path7
            backend:
              serviceName: rule-path7
              servicePort: use-annotation
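
A pre-deploy check for the 5-condition limit discussed in this thread, added here as an example (it is not from the answer or from the controller project). It assumes the counting model described in the question: the controller adds one host-header condition when a host is set and one path-pattern condition per path, and each entry in the `conditions.<service>` annotation counts as one more. The manifest is a constructed sample embedded as a Python dict, and the function names are hypothetical.

```python
import json

ALB_MAX_CONDITIONS = 5  # per-rule limit as stated on this page
PREFIX = "alb.ingress.kubernetes.io/conditions."

def backend_name(backend):
    """Service name from a networking.k8s.io/v1 or extensions/v1beta1 backend."""
    return backend["service"]["name"] if "service" in backend else backend["serviceName"]

def rule_condition_counts(ingress):
    """Return (host, path, service, condition_count) for every path in the Ingress."""
    annotations = ingress.get("metadata", {}).get("annotations", {})
    counts = []
    for rule in ingress["spec"]["rules"]:
        host = rule.get("host")
        for p in rule["http"]["paths"]:
            svc = backend_name(p["backend"])
            extra = json.loads(annotations.get(PREFIX + svc, "[]"))
            # Assumed model: one host-header condition (when host is set), one
            # path-pattern condition, plus one per entry in the annotation.
            total = (1 if host else 0) + 1 + len(extra)
            counts.append((host, p.get("path", "/*"), svc, total))
    return counts

def over_limit(ingress):
    """Rules that would exceed the per-rule condition limit."""
    return [c for c in rule_condition_counts(ingress) if c[3] > ALB_MAX_CONDITIONS]

# Constructed sample: the question's host with four constructed extra conditions,
# and a second path carrying three annotation conditions.
FOUR = [
    {"field": "source-ip", "sourceIpConfig": {"values": ["192.168.0.0/16"]}},
    {"field": "http-header", "httpHeaderConfig": {"httpHeaderName": "HeaderName", "values": ["HeaderValue"]}},
    {"field": "http-request-method", "httpRequestMethodConfig": {"values": ["GET"]}},
    {"field": "query-string", "queryStringConfig": {"values": [{"key": "paramA", "value": "valueA"}]}},
]
SAMPLE = {
    "metadata": {"annotations": {PREFIX + "my-service": json.dumps(FOUR),
                                 PREFIX + "rule-path7": json.dumps(FOUR[:3])}},
    "spec": {"rules": [{"host": "blabla.mycompany.com", "http": {"paths": [
        {"pathType": "ImplementationSpecific",
         "backend": {"service": {"name": "my-service", "port": {"number": 80}}}},
        {"path": "/path7",
         "backend": {"serviceName": "rule-path7", "servicePort": "use-annotation"}},
    ]}}]},
}

if __name__ == "__main__":
    for host, path, svc, n in rule_condition_counts(SAMPLE):
        print(f"{host}{path} -> {svc}: {n} conditions", "OVER LIMIT" if n > ALB_MAX_CONDITIONS else "ok")
```

Running such a check in CI catches a rule whose source-ip or header restrictions would be rejected by the load balancer before the manifest is applied.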