This module installs the AWS Load Balancer Controller into an EKS cluster using Helm.
This module follows the AWS Load Balancer Controller installation guide using Helm. The required resources are created using terraform. We use the same naming conventions as the guide and the same default values.
As described here, you can delete the resources for the AWS Load Balancer Controller and the applications that use the Application Load Balancers Ingresses should continue to work. Remember to keep in place the following resources to avoid disruption:
IngressClassParamsCRDTargetGroupBindingsCRDalbIngreesClassParamsalbIngressClass
The two CRDs (IngressClassParams and TargetGroupBindings) will be updated by the two kubernetes_manifest of this module. The alb IngressClass and IngressClassParams will be created by helm_release of this module.
The two CRDs should be updated without any issue. The alb IngressClass and IngressClassParams must be adopted before applying the helm_release of this module. You can execute the following code snippet to update your resources and inform the Helm release about them:
# IngressClassParams
kubectl annotate IngressClassParams alb meta.helm.sh/release-name=aws-load-balancer-controller
kubectl annotate IngressClassParams alb meta.helm.sh/release-namespace=kube-system
kubectl label IngressClassParams alb app.kubernetes.io/managed-by=Helm
# IngressClass
kubectl annotate IngressClass alb meta.helm.sh/release-name=aws-load-balancer-controller
kubectl annotate IngressClass alb meta.helm.sh/release-namespace=kube-system
kubectl label IngressClass alb app.kubernetes.io/managed-by=HelmIn the snippet above, if you have changed the helm_release_name or namespace of this module, you should update the values of the annotations accordingly.
| Name | Version |
|---|---|
| aws | >= 5.0 |
| helm | >= 2.0 |
| kubernetes | >= 2.23 |
| Name | Version |
|---|---|
| terraform | >= 1.5 |
| aws | >= 5.0 |
| helm | >= 2.0 |
| kubernetes | >= 2.23 |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aws_lbc_iam_policy_description | The description of the IAM policy for the AWS Load Balancer Controller. | string |
"IAM policy for AWS Load Balancer Controller." |
no |
| aws_lbc_iam_policy_name | The name of the IAM policy for the AWS Load Balancer Controller. | string |
"AWSLoadBalancerControllerIAMPolicy" |
no |
| aws_lbc_role_name | The name of the IAM role that the AWS Load Balancer Controller will assume. | string |
"aws-load-balancer-controller" |
no |
| aws_region | The AWS region where the cluster is deployed. | string |
n/a | yes |
| aws_vpc_id | The ID of the VPC where the AWS Load Balancer Controller will be deployed. | string |
n/a | yes |
| cluster_name | The name of the EKS cluster. | string |
n/a | yes |
| cluster_oidc_issuer_host | The OIDC issuer host for the EKS cluster. | string |
n/a | yes |
| create_namespace | Whether to create the namespace or not. If set to false, it is expected that the namespace already exists. | bool |
false |
no |
| enable_cert_manager | Enable cert-manager for the AWS Load Balancer Controller. | bool |
false |
no |
| helm_additional_values | Additional values to be passed to the Helm chart. | list(string) |
[] |
no |
| helm_chart_version | The version of the aws-load-balancer-controller Helm chart. Consider the default value the reference version of the module and the base of the values.yaml.tftpl file. | string |
"1.8.1" |
no |
| helm_release_name | The name of the Helm release. | string |
"aws-load-balancer-controller" |
no |
| install_crds | Install the CRDs for the AWS Load Balancer Controller. | bool |
true |
no |
| k8s_additional_labels | Additional labels to apply to the Kubernetes resources. | map(string) |
{} |
no |
| k8s_default_labels | Labels to apply to the Kubernetes resources. These are opinionated labels, you can add more labels using the variable additional_k8s_labels. If you want to remove a label, you can override it with an empty map(string). |
map(string) |
{ |
no |
| k8s_lbc_service_account_name | The name of the Kubernetes service account for AWS Load Balancer Controller. | string |
"aws-load-balancer-controller" |
no |
| namespace | The namespace in which the AWS Load Balancer Controller resources will be created. | string |
"kube-system" |
no |
| replica_count | The number of replicas for the AWS Load Balancer Controller. | number |
2 |
no |
| set_topology_spread_constraints | Set the topologySpreadConstraints for the AWS Load Balancer Controller. | bool |
true |
no |
| set_topology_spread_constraints_max_skew | Set the topologyKey in the topologySpreadConstraints for the AWS Load Balancer Controller. | number |
1 |
no |
| set_topology_spread_constraints_topology_key | Set the topologyKey in the topologySpreadConstraints for the AWS Load Balancer Controller. | string |
"kubernetes.io/hostname" |
no |
| set_topology_spread_constraints_when_unsatisfiable | Set the whenUnsatisfiable policy in the topologySpreadConstraints for the AWS Load Balancer Controller. | string |
"ScheduleAnyway" |
no |
| Name | Description |
|---|---|
| aws_lbc_iam_policy_arn | The ARN of the IAM policy created for the AWS Load Balancer Controller. |
| final_k8s_common_labels | The final list of common labels to apply to the Kubernetes resources. |
| Name | Type |
|---|---|
| aws_iam_policy.this | resource |
| helm_release.this | resource |
| kubernetes_manifest.this | resource |
| kubernetes_namespace_v1.this | resource |
| kubernetes_secret_v1.this | resource |
| kubernetes_service_account_v1.this | resource |
| kubernetes_namespace_v1.this | data source |
| Name | Source | Version |
|---|---|---|
| iam_assumable_role_with_oidc_for_lbc | terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc | ~> 5.0 |