This module deploys the AWS Load Balancer Controller to a Kubernetes cluster.
| Name | Version |
|---|---|
| terraform | >= 0.14 |
| aws | >= 3.28 |
| helm | >= 2 |
| Name | Version |
|---|---|
| aws | >= 3.28 |
| helm | >= 2 |
| Name | Source | Version |
|---|---|---|
| iam_assumable_role_admin | terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc | ~> 4.0 |
| Name | Type |
|---|---|
| aws_iam_role_policy.controller | resource |
| helm_release.release | resource |
| aws_region.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| affinity | Pod affinity | map(any) |
{} |
no |
| aws_max_retries | Maximum retries for AWS APIs (default 10) | number |
10 |
no |
| chart_name | Helm chart name to provision | string |
"aws-load-balancer-controller" |
no |
| chart_namespace | Namespace to install the chart into | string |
"kube-system" |
no |
| chart_repository | Helm repository for the chart | string |
"https://aws.github.io/eks-charts" |
no |
| chart_timeout | Timeout to wait for the Chart to be deployed. | number |
300 |
no |
| chart_version | Version of the chart to install. Set to an empty string to install the latest version; pin a specific version for reproducible deployments | string |
"1.1.6" |
no |
| cluster_name | Name of Kubernetes Cluster | string |
n/a | yes |
| cluster_oidc_issuer_url | OIDC provider URL for EKS cluster | string |
n/a | yes |
| default_tags | Default tags to apply to all AWS resources managed by this controller | map(string) |
{} |
no |
| enable_cert_manager | Enable cert-manager injection of webhook certificates | bool |
false |
no |
| enable_pod_readiness_gate_inject | If enabled, targetHealth readiness gate will get injected to the pod spec for the matching endpoint pods (default true) | bool |
true |
no |
| enable_shield | Enable Shield addon for ALB (default true) | bool |
true |
no |
| enable_waf | Enable WAF addon for ALB (default true) | bool |
true |
no |
| enable_wafv2 | Enable WAF V2 addon for ALB (default true) | bool |
true |
no |
| env | Fixed environment variables for container | map(string) |
{} |
no |
| extra_volume_mounts | Extra Volume mounts | list(any) |
[] |
no |
| extra_volumes | Extra volumes | list(any) |
[] |
no |
| fullname_override | Full name override for resources | string |
"" |
no |
| host_network | Use Host Network for pod | bool |
false |
no |
| iam_role_description | Description for IAM role for controller | string |
"Used by AWS Load Balancer Controller for EKS" |
no |
| iam_role_name | Name of IAM role for controller | string |
"aws-load-balancer-controller" |
no |
| iam_role_path | IAM Role path for controller | string |
"" |
no |
| iam_role_permission_boundary | Permission boundary ARN for IAM Role for controller | string |
"" |
no |
| iam_role_tags | Tags for IAM Role for controller | map(string) |
{} |
no |
| image_repository | Image repository on Dockerhub | string |
"amazon/aws-alb-ingress-controller" |
no |
| image_tag | Image tag | string |
"v2.1.3" |
no |
| ingress_class | The ingress class this controller will satisfy. If not specified, controller will match all ingresses without ingress class annotation and ingresses of type alb | string |
"alb" |
no |
| ingress_max_concurrent_reconciles | Maximum number of concurrently running reconcile loops for ingress (default 3) | number |
3 |
no |
| log_level | Log level. Either info or debug | string | "info" | no |
| max_history | Max History for Helm | number |
20 |
no |
| metrics_bind_addr | The address the metric endpoint binds to. (default ':8080') | string |
":8080" |
no |
| name_override | Name override for resources | string |
"" |
no |
| pdb | PDB for pod | map(any) |
{} |
no |
| pod_annotations | Additional annotations on a pod | map(string) |
{} |
no |
| pod_labels | Additional labels on a pod | map(string) |
{} |
no |
| pod_security_context | Pod Security Context | map(any) |
{ |
no |
| prefer_ecr_repositories | Prefer ECR repositories according to the region. If none can be found, var.image_repository is used | bool | true | no |
| priority_class_name | Priority class for pod | string |
"system-cluster-critical" |
no |
| region | The AWS region for the Kubernetes cluster. Set this explicitly when using KIAM or kube2iam, for example. | string |
"" |
no |
| release_name | Helm release name | string |
"aws-load-balancer-controller" |
no |
| replicas | Number of replicas | number |
1 |
no |
| resources | Pod Resources | map(any) |
{ |
no |
| security_context | Security Context for container | map(any) |
{ |
no |
| service_account_annotations | Additional annotations for service account | map(string) |
{} |
no |
| service_account_name | Name of service account to create. Not generated | string |
"aws-load-balancer-controller" |
no |
| service_max_concurrent_reconciles | Maximum number of concurrently running reconcile loops for service (default 3) | number |
3 |
no |
| sync_period | Period at which the controller forces the repopulation of its local object stores. (default 1h0m0s) | string |
"1h0m0s" |
no |
| targetgroupbinding_max_concurrent_reconciles | Maximum number of concurrently running reconcile loops for targetGroupBinding | number |
3 |
no |
| termination_grace_period_seconds | Time period for the controller pod to do a graceful shutdown | number |
10 |
no |
| tolerations | Pod Tolerations | list(any) |
[] |
no |
| vpc_id | The VPC ID for the Kubernetes cluster. Set this manually when your pods are unable to use the metadata service to determine this automatically | string |
"" |
no |
| watch_namespace | Watch a single namespace if specified, or all namespaces if not | string |
"" |
no |
| webhook_bind_port | The TCP port the Webhook server binds to. (default 9443) | number |
9443 |
no |
| Name | Description |
|---|---|
| iam_role_arn | ARN of IAM role |
| iam_role_name | Name of IAM role |
| iam_role_path | Path of IAM role |
| iam_role_unique_id | Unique ID of IAM role |