My expertise is not in terraform but I am familiar with the API behind it. You cannot have destination_address_prefix and destination_application_security_group_ids at the same time. They are mutually exclusive. Try providing only one of those and see if the error goes away.