Morning 👋 we're using the pulumi EKS library to wrap our own library around and hitting an issue with the ALB ingress controller, whereby more than one security group is tagged with

<http://kubernetes.io/cluster/${clusterName}|kubernetes.io/cluster/${clusterName}>: owned

, this prevents the reconciler from automatically provisioning requested ingress, due to the target group bindings not being able to assign a default SG. I've had a browse through: • https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/1181 • https://github.com/aws-ia/terraform-aws-eks-blueprints/pull/799/files • https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/1897 and also tried managing the security groups myself to control the tags applied, and can never seem to get below 3 SG's with the tags present. Obviously we can supply SGs to the ALB ingress controller via annotations but I'd quite like this to work automagically. Any help/advice would be appreciated. Cheers