- Le plus récent
- Le plus de votes
- La plupart des commentaires
Sounds like AWS load balancer controller you can use this annotation to avoid the auto created security group - https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.4/guide/ingress/annotations/#security-groups
"alb.ingress.kubernetes.io/security-groups specifies the securityGroups you want to attach to LoadBalancer.
When this annotation is not present, the controller will automatically create one security group, the security group will be attached to the LoadBalancer and allow access from inbound-cidrs to the listen-ports. Also, the securityGroups for Node/Pod will be modified to allow inbound traffic from this securityGroup.
If you specify this annotation, you need to configure the security groups on your Node/Pod to allow inbound traffic from the load balancer. You could also set the manage-backend-security-group-rules if you want the controller to manage the access rules."
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a 2 mois
- Réponse acceptéedemandé il y a un an
- AWS OFFICIELA mis à jour il y a un an