diff --git a/pkg/deploy/elbv2/listener_manager.go b/pkg/deploy/elbv2/listener_manager.go index 89e398640..1aa4a6b70 100644 --- a/pkg/deploy/elbv2/listener_manager.go +++ b/pkg/deploy/elbv2/listener_manager.go @@ -3,6 +3,7 @@ package elbv2 import ( "context" "reflect" + "strings" "time" awssdk "github.com/aws/aws-sdk-go-v2/aws" @@ -101,7 +102,8 @@ func (m *defaultListenerManager) Create(ctx context.Context, resLS *elbv2model.L }); err != nil { return elbv2model.ListenerStatus{}, errors.Wrap(err, "failed to update extra certificates on listener") } - if areListenerAttributesSupported(resLS.Spec.Protocol) { + listenerARN := awssdk.ToString(sdkLS.Listener.ListenerArn) + if !isIsolatedRegion(getRegionFromARN(listenerARN)) && areListenerAttributesSupported(resLS.Spec.Protocol) { if err := m.attributesReconciler.Reconcile(ctx, resLS, sdkLS); err != nil { return elbv2model.ListenerStatus{}, err } @@ -121,7 +123,8 @@ func (m *defaultListenerManager) Update(ctx context.Context, resLS *elbv2model.L if err := m.updateSDKListenerWithExtraCertificates(ctx, resLS, sdkLS, false); err != nil { return elbv2model.ListenerStatus{}, err } - if areListenerAttributesSupported(resLS.Spec.Protocol) { + listenerARN := awssdk.ToString(sdkLS.Listener.ListenerArn) + if !isIsolatedRegion(getRegionFromARN(listenerARN)) && areListenerAttributesSupported(resLS.Spec.Protocol) { if err := m.attributesReconciler.Reconcile(ctx, resLS, sdkLS); err != nil { return elbv2model.ListenerStatus{}, err } @@ -379,3 +382,17 @@ func areListenerAttributesSupported(protocol elbv2model.Protocol) bool { supported, exists := PROTOCOLS_SUPPORTING_LISTENER_ATTRIBUTES[protocol] return exists && supported } + +func getRegionFromARN(arn string) string { + if strings.HasPrefix(arn, "arn:") { + arnElements := strings.Split(arn, ":") + if len(arnElements) > 3 { + return arnElements[3] + } + } + return "" +} + +func isIsolatedRegion(region string) bool { + return strings.Contains(strings.ToLower(region), "-iso-") +} diff --git a/test/e2e/service/nlb_instance_target_test.go b/test/e2e/service/nlb_instance_target_test.go index 89fa1dec5..f410db72d 100644 --- a/test/e2e/service/nlb_instance_target_test.go +++ b/test/e2e/service/nlb_instance_target_test.go @@ -160,20 +160,23 @@ var _ = Describe("test k8s service reconciled by the aws load balancer controlle }) Expect(err).NotTo(HaveOccurred()) }) - By("modifying listener attributes", func() { - err := stack.UpdateServiceAnnotations(ctx, tf, map[string]string{ - "service.beta.kubernetes.io/aws-load-balancer-listener-attributes.TCP-80": "tcp.idle_timeout.seconds=400", - }) - Expect(err).NotTo(HaveOccurred()) + // remove this once listener attributes are available in ADC region + if tf.Options.AWSRegion != "us-iso-east-1" && tf.Options.AWSRegion != "us-iso-west-1" && tf.Options.AWSRegion != "us-isob-east-1" { + By("modifying listener attributes", func() { + err := stack.UpdateServiceAnnotations(ctx, tf, map[string]string{ + "service.beta.kubernetes.io/aws-load-balancer-listener-attributes.TCP-80": "tcp.idle_timeout.seconds=400", + }) + Expect(err).NotTo(HaveOccurred()) - lsARN := getLoadBalancerListenerARN(ctx, tf, lbARN, "80") + lsARN := getLoadBalancerListenerARN(ctx, tf, lbARN, "80") - Eventually(func() bool { - return verifyListenerAttributes(ctx, tf, lsARN, map[string]string{ - "tcp.idle_timeout.seconds": "400", - }) == nil - }, utils.PollTimeoutShort, utils.PollIntervalMedium).Should(BeTrue()) - }) + Eventually(func() bool { + return verifyListenerAttributes(ctx, tf, lsARN, map[string]string{ + "tcp.idle_timeout.seconds": "400", + }) == nil + }, utils.PollTimeoutShort, utils.PollIntervalMedium).Should(BeTrue()) + }) + } }) It("should provision internal load-balancer resources", func() { By("deploying stack", func() {