aws · M00nF1sh · May 7, 2025 · May 6, 2025
@@ -1,8 +1,8 @@
 apiVersion: v2
 name: aws-load-balancer-controller
 description: AWS Load Balancer Controller Helm chart for Kubernetes
-version: 1.12.0
-appVersion: v2.12.0
+version: 1.13.0
+appVersion: v2.13.0
 home: https://github.com/aws/eks-charts
 icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png
 sources:

@@ -54,6 +54,12 @@ spec:
           spec:
             description: IngressClassParamsSpec defines the desired state of IngressClassParams
             properties:
+              PrefixListsIDs:
+                description: PrefixListsIDs defines the security group prefix lists
+                  for all Ingresses that belong to IngressClass with this IngressClassParams.
+                items:
+                  type: string
+                type: array
               certificateArn:
                 description: CertificateArn specifies the ARN of the certificates
                   for all Ingresses that belong to IngressClass with this IngressClassParams.
@@ -254,6 +260,13 @@ spec:
                   - value
                   type: object
                 type: array
+              targetType:
+                description: TargetType defines the target type of target groups for
+                  all Ingresses that belong to IngressClass with this IngressClassParams.
+                enum:
+                - instance
+                - ip
+                type: string
             type: object
         type: object
     served: true

@@ -154,6 +154,9 @@ spec:
         {{- if kindIs "bool" .Values.enableBackendSecurityGroup }}
         - --enable-backend-security-group={{ .Values.enableBackendSecurityGroup }}
         {{- end }}
+        {{- if kindIs "bool" .Values.enableManageBackendSecurityGroupRules }}
+        - --enable-manage-backend-security-group-rules={{ .Values.enableManageBackendSecurityGroupRules }}
+        {{- end }}
         {{- if .Values.backendSecurityGroup }}
         - --backend-security-group={{ .Values.backendSecurityGroup }}
         {{- end }}

@@ -89,6 +89,33 @@ rules:
 - apiGroups: ["discovery.k8s.io"]
   resources: [endpointslices]
   verbs: [get, list, watch]
+- apiGroups: ["gateway.k8s.aws"]
+  resources: [loadbalancerconfigurations, targetgroupconfigurations]
+  verbs: [get, list, watch]
+- apiGroups: ["gateway.k8s.aws"]
+  resources: [loadbalancerconfigurations/finalizers, targetgroupconfigurations/finalizers]
+  verbs: [update]
+- apiGroups: ["gateway.k8s.aws"]
+  resources: [loadbalancerconfigurations/status, targetgroupconfigurations/status]
+  verbs: [get, patch, watch]
+- apiGroups: ["gateway.networking.k8s.io"]
+  resources: [gatewayclasses, gateways]
+  verbs: [get, list, watch, patch]
+- apiGroups: ["gateway.networking.k8s.io"]
+  resources: [gatewayclasses/finalizers, gateways/finalizers]
+  verbs: [update]
+- apiGroups: ["gateway.networking.k8s.io"]
+  resources: [gatewayclasses/status, gateways/status]
+  verbs: [get, patch, update]
+- apiGroups: ["gateway.networking.k8s.io"]
+  resources: [grpcroutes, httproutes, tcproutes, tlsroutes, udproutes]
+  verbs: [get, list, watch]
+- apiGroups: ["gateway.networking.k8s.io"]
+  resources: [grpcroutes/finalizers, httproutes/finalizers, tcproutes/finalizers, tlsroutes/finalizers, udproutes/finalizers]
+  verbs: [update]
+- apiGroups: ["gateway.networking.k8s.io"]
+  resources: [grpcroutes/status, httproutes/status, tcproutes/status, tlsroutes/status, udproutes/status]
+  verbs: [get, patch, update]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding

@@ -237,6 +237,14 @@ spec:
     kind: Issuer
     name: {{ template "aws-load-balancer-controller.namePrefix" . }}-selfsigned-issuer
   secretName: {{ template "aws-load-balancer-controller.webhookCertSecret" . }}
+  {{- with .Values.certManager -}}
+  {{ if .duration }}
+  duration: {{ .duration }}
+  {{- end }}
+  {{- if .renewBefore }}
+  renewBefore: {{ .renewBefore }}
+  {{- end }}
+  {{- end }}
 ---
 apiVersion: cert-manager.io/v1
 kind: Issuer

@@ -6,7 +6,7 @@ replicaCount: 2
 
 image:
   repository: public.ecr.aws/eks/aws-load-balancer-controller
-  tag: v2.12.0
+  tag: v2.13.0
   pullPolicy: IfNotPresent
 
 imagePullSecrets: []

@@ -8,7 +8,7 @@ revisionHistoryLimit: 10
 
 image:
   repository: public.ecr.aws/eks/aws-load-balancer-controller
-  tag: v2.12.0
+  tag: v2.13.0
   pullPolicy: IfNotPresent
 
 runtimeClassName: ""
@@ -115,6 +115,11 @@ additionalLabels: {}
 # Enable cert-manager
 enableCertManager: false
 
+# Overrideable variables when enableCertManager is set to true
+certManager:
+  duration:
+  renewBefore:
+
 # The name of the Kubernetes cluster. A non-empty value is required
 clusterName:
 
@@ -346,6 +351,9 @@ enableEndpointSlices:
 # enableBackendSecurityGroup enables shared security group for backend traffic (default true)
 enableBackendSecurityGroup:
 
+# enableManageBackendSecurityGroupRules enables controller manages security group rules (default false)
+enableManageBackendSecurityGroupRules:
+
 # backendSecurityGroup specifies backend security group id (default controller auto create backend security group)
 backendSecurityGroup: