Skip to main content

Install AWS Load Balancer Controller

Install AWS Load Balancer Controller

The AWS Load Balancer Controller enables Kubernetes Ingress resources to provision and manage Application Load Balancers (ALBs) on Amazon EKS.

It is required for exposing Zilla Platform services using ALB Ingress.

Associate IAM OIDC Provider

Enable IAM Roles for Service Accounts (IRSA) by associating the cluster with an IAM OIDC provider:

eksctl utils associate-iam-oidc-provider \
  --region ${AWS_REGION} \
  --cluster ${CLUSTER_NAME} \
  --approve

Create IAM Policy

Download and create the IAM policy required by the controller:

curl -o iam_policy.json https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.7.0/docs/install/iam_policy.json

aws iam create-policy \
  --policy-name AWSLoadBalancerControllerIAMPolicy \
  --policy-document file://iam_policy.json

Note

If the policy already exists, you can skip this step.

Create IAM Service Account

Create a Kubernetes service account in the kube-system namespace and attach the IAM policy:

eksctl create iamserviceaccount \
  --cluster=${CLUSTER_NAME} \
  --namespace=kube-system \
  --name=aws-load-balancer-controller \
  --attach-policy-arn=arn:aws:iam::$(aws sts get-caller-identity --query Account --output text):policy/AWSLoadBalancerControllerIAMPolicy \
  --override-existing-serviceaccounts \
  --approve

Verify the service account was created:

kubectl get serviceaccount -n kube-system aws-load-balancer-controller

Install the Controller via Helm

Add the EKS Helm repository and install the controller:

helm repo add eks https://aws.github.io/eks-charts
helm repo update

helm install aws-load-balancer-controller eks/aws-load-balancer-controller \
  -n kube-system \
  --set clusterName=${CLUSTER_NAME} \
  --set serviceAccount.create=false \
  --set serviceAccount.name=aws-load-balancer-controller

Verify Installation

Confirm that the controller deployment and pods are running:

kubectl get deployment -n kube-system aws-load-balancer-controller
kubectl get pods -n kube-system -l app.kubernetes.io/name=aws-load-balancer-controller

Wait until the pods are running (READY 2/2).

© aklivity, inc. 2023-2026