You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/guide/service/annotations.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -498,12 +498,12 @@ Load balancer access can be controlled via following annotations:
498
498
- <a name="lb-source-ranges">`service.beta.kubernetes.io/load-balancer-source-ranges`</a> specifies the CIDRs that are allowed to access the NLB.
499
499
500
500
!!!tip
501
-
we recommend specifying CIDRs in the service `spec.loadBalancerSourceRanges` instead
501
+
- We recommend specifying CIDRs in the service `spec.loadBalancerSourceRanges` instead
502
+
- For enhanced security with `internal` network load balancers, we recommend limiting access by specifying allowed source IP ranges. This can be done using either the `service.beta.kubernetes.io/load-balancer-source-ranges` annotation or the `spec.loadBalancerSourceRanges` field.
502
503
503
504
!!!note "Default"
504
505
- `0.0.0.0/0` will be used if the IPAddressType is "ipv4"
505
506
- `0.0.0.0/0` and `::/0` will be used if the IPAddressType is "dualstack"
506
-
- The VPC CIDR will be used if `service.beta.kubernetes.io/aws-load-balancer-scheme` is `internal`
507
507
508
508
!!!warning ""
509
509
This annotation will be ignored in case preserve client IP is not enabled.
0 commit comments