Closed harsha20494 closed 1 year ago
@harsha20494 You should not manually modify the securityGroup created by ALB, the rules is automatically managed by the controller, every reconcile(e.g. when node changes) will bring it to the desired state controller expects. You can use annotation https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.4/guide/ingress/annotations/#inbound-cidrs to customize the inbound CIDR to desired one.
Alternatively, you can use annotation(https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.4/guide/ingress/annotations/#security-groups) to specify a security created by you if you want more flexibility.
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle rotten
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle rotten
@harsha20494, I'm closing this issue as for now, please feel free to reach out or reopen if you have any questions. Thanks
Describe the bug AWS Load balancer controller deletes security group inbound rules and adds open to internet automatically
Steps to reproduce
Expected outcome
Environment