| affinity |
Pod affinity |
map(any) |
{} |
no |
| autoscaling |
Autoscaling configuration |
any |
{
"enabled": true,
"maxReplicas": 5,
"minReplicas": 1,
"targetCPUUtilizationPercentage": 80
} |
no |
| aws_max_retries |
Maximum retries for AWS APIs (default 10) |
number |
10 |
no |
| chart_name |
Helm chart name to provision |
string |
"aws-load-balancer-controller" |
no |
| chart_namespace |
Namespace to install the chart into |
string |
"kube-system" |
no |
| chart_repository |
Helm repository for the chart |
string |
"https://aws.github.io/eks-charts" |
no |
| chart_timeout |
Timeout to wait for the Chart to be deployed. |
number |
300 |
no |
| chart_version |
Version of Chart to install. Set to empty to install the latest version |
string |
"1.15.0" |
no |
| cluster_name |
Name of Kubernetes Cluster |
string |
n/a |
yes |
| cluster_tag_check |
Enable or disable subnet tag check |
bool |
false |
no |
| default_tags |
Default tags to apply to all AWS resources managed by this controller |
map(string) |
{} |
no |
| enable_cert_manager |
Enable cert-manager injection of webhook certficates |
bool |
false |
no |
| enable_pod_readiness_gate_inject |
If enabled, targetHealth readiness gate will get injected to the pod spec for the matching endpoint pods (default true) |
bool |
true |
no |
| enable_service_mutator_webhook |
Enable the service mutator webhook |
bool |
true |
no |
| enable_shield |
Enable Shield addon for ALB (default true) |
bool |
true |
no |
| enable_waf |
Enable WAF addon for ALB (default true) |
bool |
true |
no |
| enable_wafv2 |
Enable WAF V2 addon for ALB (default true) |
bool |
true |
no |
| env |
Fixed environment variables for container |
map(string) |
{} |
no |
| extra_volume_mounts |
Extra Volume mounts |
list(any) |
[] |
no |
| extra_volumes |
Extra volumes |
list(any) |
[] |
no |
| fullname_override |
Full name override for resources |
string |
"" |
no |
| host_network |
Use Host Network for pod |
bool |
false |
no |
| iam_role_name |
Name of IAM role for controller |
string |
"" |
no |
| image_repository |
Image repository on Dockerhub |
string |
"amazon/aws-alb-ingress-controller" |
no |
| image_tag |
Image tag |
string |
"v2.15.0" |
no |
| ingress_class |
The ingress class this controller will satisfy. If not specified, controller will match all ingresses without ingress class annotation and ingresses of type alb |
string |
"alb" |
no |
| ingress_max_concurrent_reconciles |
Maximum number of concurrently running reconcile loops for ingress (default 3) |
number |
3 |
no |
| load_balancer_class |
Specifies the class of load balancer to use for services. This affects how services are provisioned if type LoadBalancer is used (default service.k8s.aws/nlb) |
string |
"" |
no |
| log_level |
Log level. Either info or debug |
string |
"info" |
no |
| max_history |
Max History for Helm |
number |
20 |
no |
| metrics_bind_addr |
The address the metric endpoint binds to. (default ':8080') |
string |
":8080" |
no |
| name_override |
Name override for resources |
string |
"" |
no |
| oidc_provider_arn |
OIDC Provider ARN for IRSA |
string |
n/a |
yes |
| pdb |
PDB for pod |
map(any) |
{} |
no |
| pod_annotations |
Additional annotations on a pod |
map(string) |
{} |
no |
| pod_labels |
Additional labels on a pod |
map(string) |
{} |
no |
| pod_security_context |
Pod Security Context |
map(any) |
{
"fsGroup": 65534
} |
no |
| prefer_ecr_repositories |
Prefer ECR repositories according to the region. If none can be found, var.image_repository is used |
bool |
true |
no |
| priority_class_name |
Priority class for pod |
string |
"system-cluster-critical" |
no |
| region |
The AWS region for the kubernetes cluster. Set to use KIAM or kube2iam for example. |
string |
"" |
no |
| release_name |
Helm release name |
string |
"aws-load-balancer-controller" |
no |
| replicas |
Number of replicas |
number |
1 |
no |
| resources |
Pod Resources |
map(any) |
{
"limits": {
"cpu": "200m",
"memory": "500Mi"
},
"requests": {
"cpu": "100m",
"memory": "500Mi"
}
} |
no |
| revision_history_limit |
The number of old history to retain to allow rollback. Set to 0 to disable |
number |
10 |
no |
| runtime_class_name |
Runtime class name for the controller |
string |
"" |
no |
| security_context |
Security Context for container |
map(any) |
{
"allowPrivilegeEscalation": false,
"readOnlyRootFilesystem": true,
"runAsNonRoot": true
} |
no |
| service_account_annotations |
Addiitional Annotations for service account |
map(string) |
{} |
no |
| service_account_name |
Name of service account to create. Not generated |
string |
"aws-load-balancer-controller" |
no |
| service_max_concurrent_reconciles |
Maximum number of concurrently running reconcile loops for service (default 3) |
number |
3 |
no |
| service_mutator_webhook_config |
Service Mutator Webhook Configuration |
any |
{
"failurePolicy": "Fail",
"objectSelector": {
"matchExpressions": [],
"matchLabels": {},
"operations": [
"CREATE"
]
}
} |
no |
| service_target_eni_sg_tags |
Tags to apply to the security group created for the service target group |
map(string) |
{} |
no |
| sync_period |
Period at which the controller forces the repopulation of its local object stores. (default 1h0m0s) |
string |
"1h0m0s" |
no |
| targetgroupbinding_max_concurrent_reconciles |
Maximum number of concurrently running reconcile loops for targetGroupBinding |
number |
3 |
no |
| termination_grace_period_seconds |
Time period for the controller pod to do a graceful shutdown |
number |
10 |
no |
| tolerations |
Pod Tolerations |
list(any) |
[] |
no |
| vpc_id |
The VPC ID for the Kubernetes cluster. Set this manually when your pods are unable to use the metadata service to determine this automatically |
string |
"" |
no |
| watch_namespace |
Watch a single namespace if specified, or all namespaces if not |
string |
"" |
no |
| webhook_bind_port |
The TCP port the Webhook server binds to. (default 9443) |
number |
9443 |
no |