Access/Connection logs Test runs even when not enabled

[ben-dov]

Bug Description
When configuration Access/Connection logs in an ELB using the AWS Console, AWS will create a test file in the bucket to check access.
Its expected that the test would not be performed if the log configurations are not activated.
This behaviour changed after upgrading from 2.13 to 2.16 (happened before as well)

Steps to Reproduce

• Create an ingress, and set:

alb.ingress.kubernetes.io/load-balancer-attributes: >-
  access_logs.s3.enabled=false,
  access_logs.s3.bucket=<app-elb-log-bucket>,
  access_logs.s3.prefix=app

• View the alb-controller logs, and s3 bucket

Expected Behavior
Bucket test not being performed

Actual Behavior
If bucket has the required permissions, then test file will be created.
Otherwise, alb-controller will show error logs on sync.

Environment

• AWS Load Balancer controller version: 2.16
• Kubernetes version: 1.34
• Using EKS: yes
• Using Ingress

Possible Solution (Optional)
A workaround is to either remove all access_logs.s3. configuration, or add required permissions to the bucket policy to pass the test.

[sarevalo2002]

Hello! This looks to be the default behavior of the API, we would recommend not specifying the attribute so that it's not submitted to the API. Is there a reason why you specify it to be turned off but provide the bucket?