Ability to make `manage-backend-security-group-rules: true` by default

[kimxogus]

Describe the feature you are requesting
We need to add manage-backend-security-group-rules: true annotation manually to ingresses and services to attach the shared backend security group. It would be helpful to me if there's an option to make that enabled for all ingresses and services by default.

Motivation
I'm managing k8s clusters with hundreds of ingresses and lb services, and it's almost impossible for me to add them manually.

Describe the proposed solution you'd like
Add arg like --manage-backend-security-group-rules <true|false> with false as default value.

Describe alternatives you've considered
Maybe IngressClassParams? but it doesn't seem to fit my environment.

Contribution Intention (Optional)

• Yes, I am willing to contribute a PR to implement this feature
• No, I cannot work on a PR at this time

[sarevalo2002]

Thank you for this submission! We'll look into this one and see if it's feasible in the near future.

[wweiwei-li]

Thanks for bringing this up. Instead of IngressClassParam, we can consider adding a feature flag here https://kubernetes-sigs.github.io/aws-load-balancer-controller/latest/deploy/configurations/#feature-gates.

[kimxogus]

@wweiwei-li As backend sg feature is already enabled and this feature is modifying its default value, so I think adding cli flag is more proper way like default-target-type

[sga80]

@wweiwei-li , I looked into this and I have a fix ready. Before I create a PR, I would like to test this. Can you please suggest on how I can test ? Here is the branch https://github.com/sga80/aws-load-balancer-controller/tree/ISSUE-4086

[wweiwei-li]

@sga80 we just had a PR merged for this : #4145