Skip to content

Setup ALB ingress controller

This document describes how to install ALB ingress controller into your kubernetes cluster on AWS. If you'd prefer an end-to-end walkthrough of setup instead, see the echoservice walkthrough


This section details what must be setup in order for the controller to run.


The kubelet must be run with --cloud-provider=aws. This populates the EC2 instance ID in each node's spec.

Role Permissions

Adequate roles and policies must be configured in AWS and available to the node(s) running the controller. How access is granted is up to you. Some will attach the needed rights to node's role in AWS. Others will use projects like kube2iam.

An example policy with the minimum rights can be found at iam-policy.json.


You can choose to install ALB ingress controller via Helm or Kubectl


  1. Add helm incubator repository

    helm repo add incubator

  2. Install ALB ingress controller

    helm install incubator/aws-alb-ingress-controller --set autoDiscoverAwsRegion=true --set autoDiscoverAwsVpcID=true --set clusterName=MyClusterName

More docs on


  1. Download sample ALB ingress controller manifest


  2. Configure the ALB ingress controller manifest

    At minimum, edit the following variables:

    • --cluster-name=devCluster: name of the cluster. AWS resources will be tagged with


    If ec2metadata is unavailable from the controller pod, edit the following variables:

    • --aws-vpc-id=vpc-xxxxxx: vpc ID of the cluster.
    • --aws-region=us-west-1: AWS region of the cluster.
  3. Deploy the RBAC roles manifest

    kubectl apply -f
  4. Deploy the ALB ingress controller manifest

    kubectl apply -f alb-ingress-controller.yaml
  5. Verify the deployment was successful and the controller started

    kubectl logs -n kube-system $(kubectl get po -n kube-system | egrep -o "alb-ingress[a-zA-Z0-9-]+")

    Should display output similar to the following.

    AWS ALB Ingress controller
    Release:    1.0.0
    Build:      git-7bc1850b