diff --git a/docs/deploy/configurations.md b/docs/deploy/configurations.md index af8d03a0f..dcff19b97 100644 --- a/docs/deploy/configurations.md +++ b/docs/deploy/configurations.md @@ -188,3 +188,4 @@ There are a set of key=value pairs that describe AWS load balancer controller fe | LBCapacityReservation | string | true | Enable or disable the capacity reservation feature on ALB and NLB | | EnableTCPUDPListenerType | string | false | Enable or disable creation of TCP_UDP type listeners. This value can be overriden at the Service level by the annotation `service.beta.kubernetes.io/aws-load-balancer-enable-tcp-udp-listener` | | EnhancedDefaultBehavior | string | false | Enable this feature to allow the controller to remove Provisioned Capacity or mTLS settings by removing the corresponding annotation. | +| SubnetDiscoveryByReachability | string | true | Automatically discover all subnets in the VPC and classify them as public/private based on route table configuration (route to Internet Gateway → public, route via NAT/TGW/VPC endpoint → private). Can be disabled with this flag. | diff --git a/helm/aws-load-balancer-controller/values.yaml b/helm/aws-load-balancer-controller/values.yaml index 851bc52a9..b2f2ec5d0 100644 --- a/helm/aws-load-balancer-controller/values.yaml +++ b/helm/aws-load-balancer-controller/values.yaml @@ -375,6 +375,7 @@ controllerConfig: # NLBHealthCheckAdvancedConfig: true # ALBSingleSubnet: false # LBCapacityReservation: true + # SubnetDiscoveryByReachability: true # auto-discover subnet public/private via route tables # EnhancedDefaultBehavior: false certDiscovery:
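Review bot: In the new `SubnetDiscoveryByReachability` row of docs/deploy/configurations.md, the default is `true` and the description says the controller discovers all subnets in the VPC, but it does not say how a subnet is classified when its route table matches neither case (no route to an Internet Gateway and no route via NAT/TGW/VPC endpoint), nor what discovery falls back to when the gate is set to false. Because the gate is on by default and decides which subnets count as public, please document both cases and state whether subnets an operator never intended for load balancers can now be selected. The closing sentence "Can be disabled with this flag." is redundant for a feature gate, and the description could open with "Enable or disable ..." like the LBCapacityReservation and EnableTCPUDPListenerType rows above it.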
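Review bot: In helm/aws-load-balancer-controller/values.yaml, the added `# SubnetDiscoveryByReachability: true` line is the only entry in the visible part of this commented list that carries a trailing explanation, and it is placed before `EnhancedDefaultBehavior`, whereas the docs table in the same patch adds its row after `EnhancedDefaultBehavior`. Suggest dropping the inline `# auto-discover subnet public/private via route tables` comment, since the docs table already describes the gate, and keeping the same order in both files so the two lists are easy to compare.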