Allow parameters like wafv2-acl-arn to be referenced via Kubernetes Secrets or ConfigMaps #4047
Description
Describe the feature you are requesting
We're looking for a way to manage AWS resources like Web ACLs and Certificates using Kubernetes Secrets or ConfigMaps instead of relying solely on ingress annotations. This change would allow us to deploy these resources within EKS using Terraform and then reference them in our Kubernetes configurations, making our setup more cohesive and efficient. Also it would align with the current prevalent GitOps Bridge Strategy.
Motivation
In our current workflow, we use Terraform to create infrastructure components such as Certificates and Web ACLs, while ArgoCD handles the deployment of Kubernetes Workloads. The existing method of managing these resources through ingress annotations feels a bit clunky and doesn't fit well with our infrastructure management strategy. By enabling the use of Kubernetes Secrets or ConfigMaps, we could streamline our processes, reduce complexity, and better align with our existing tools and practices.
Describe the proposed solution you'd like
We envision a solution where the AWS Load Balancer Controller can reference AWS resources like Web ACLs and Certificates directly from Kubernetes Secrets or ConfigMaps. This would mean we could deploy these resources using Terraform and then simply point to them in our ingress configurations. Such a feature would greatly enhance our ability to manage infrastructure in a more integrated and efficient manner.
Describe alternatives you've considered
We've thought about sticking with the current approach of using ingress annotations, but it doesn't really meet our needs as it complicates our workflow and doesn't fully utilize our Terraform capabilities. Another option would be to manage everything through Terraform, but that would require significant changes to our current setup with ArgoCD, which isn't ideal for us.