Skip to content

Docs: Custom Shared Backend Security Groups #4120

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 17, 2025
Merged

Docs: Custom Shared Backend Security Groups #4120

merged 1 commit into from
Apr 17, 2025
+5 −1

Conversation

tucktuck9
Copy link
Contributor

Updates the Backend Security Groups configuration documentation to clarify important requirements for using Custom Shared Backend Security Groups. This update helps reduce confusion by making these requirements explicit.

Issue

N/A

Description

Added important notes under the Backend Security Groups Configuration section to specify that:

  • The Custom Shared Backend Security Group (--backend-security-group option) requires automatic addition of Inbound Rules to Node/ENI Security Group to be enabled
  • When using Custom Frontend Security Groups, the annotation service.beta.kubernetes.io/aws-load-balancer-manage-backend-security-group-rules: "true" must be set

Checklist

  • Added tests that cover your change (if possible)
  • Added/modified documentation as required (such as the README.md, or the docs directory)
  • Manually tested
  • Made sure the title of the PR is a good description that can go into the release notes

BONUS POINTS checklist: complete for good vibes and maybe prizes?! 🤯

  • Backfilled missing tests for code in same general area 🎉
  • Refactored something and made the world a better place 🌟

@tucktuck9
Update security_groups.md
2992016 
Updates the Backend Security Groups configuration documentation to clarify important requirements for using Custom Shared Backend Security Groups.
@linux-foundation-easycla Linux Foundation: EasyCLA
Copy link

linux-foundation-easycla bot commented Apr 1, 2025
edited
Loading

CLA Signed

The committers listed above are authorized under a signed CLA.

  • ✅ login: tucktuck9 / name: Leah Tucker (2992016)

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: tucktuck9
Once this PR has been reviewed and has the lgtm label, please assign wweiwei-li for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Apr 1, 2025
@k8s-ci-robot
Copy link
Contributor

Hi @tucktuck9. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Apr 1, 2025
@tucktuck9 tucktuck9 changed the title Update security_groups.md Docs: Custom Shared Backend Security Groups Apr 1, 2025
@zac-nixon
Copy link
Collaborator

/lgtm

Thank you!

@k8s-ci-robot k8s-ci-robot added lgtm "Looks good to me", indicates that a PR is ready to be merged. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. and removed cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. labels Apr 3, 2025
@tucktuck9
Copy link
Contributor Author

@wweiwei-li @M00nF1sh Can we get a final review/approval on this please?

@zac-nixon zac-nixon merged commit 1e2e378 into kubernetes-sigs:main Apr 17, 2025
4 of 5 checks passed
@zac-nixon zac-nixon mentioned this pull request May 6, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@M00nF1sh M00nF1sh Awaiting requested review from M00nF1sh

@wweiwei-li wweiwei-li Awaiting requested review from wweiwei-li

Assignees

@zac-nixon zac-nixon

Labels
cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tucktuck9 @k8s-ci-robot @zac-nixon