From e1f8e81800695c89662207f0a38a685e3e29bacd Mon Sep 17 00:00:00 2001
From: Rares Matei <matei.rar@gmail.com>
Date: Tue, 5 Nov 2024 18:25:48 +0000
Subject: [PATCH] aws guide additions (#112)

* add aws policy tag suggestion

* add new aws annotations

* mention possibility to use nodeport services
---
 aws-guide/AWS-GUIDE.md    | 5 ++++-
 aws-guide/helm-values.yml | 9 +++++----
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/aws-guide/AWS-GUIDE.md b/aws-guide/AWS-GUIDE.md
index cfca37d..ce5f560 100644
--- a/aws-guide/AWS-GUIDE.md
+++ b/aws-guide/AWS-GUIDE.md
@@ -253,4 +253,7 @@ eksctl create iamserviceaccount \
    - If that doesn't work, try changing the [`alb.ingress.kubernetes.io/target-type`](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/guide/ingress/annotations/#traffic-routing) to `ip` 
 
 2. If you experience S3 permissions issues when trying to retrieve an artefact with the NxCloud runner:
-   3. If your bucket is encrypted, you need to add the `kms:GenerateDataKey` to the S3 access policy
\ No newline at end of file
+   3. If your bucket is encrypted, you need to add the `kms:GenerateDataKey` to the S3 access policy
+
+3. If you don't see a Load Balancer EC2 instance being created, you might need crated in step 3.1. above [like this](https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/3399#issuecomment-1733186035)
+   - You can also try setting your [frontend service type to be NodePort](https://github.com/nrwl/nx-cloud-helm/blob/main/charts/nx-cloud/values.yaml#L35) as well as the [nx-api service type to be NodePort](https://github.com/nrwl/nx-cloud-helm/blob/main/charts/nx-cloud/values.yaml#L59) 
\ No newline at end of file
diff --git a/aws-guide/helm-values.yml b/aws-guide/helm-values.yml
index b17011b..ed66a0e 100644
--- a/aws-guide/helm-values.yml
+++ b/aws-guide/helm-values.yml
@@ -4,10 +4,11 @@ image:
 nxCloudAppURL: 'https://your-domain-nx-cloud.com' # <-- if you are using HTTPS and you know your domain name, change this value now. Otherwise, we'll configure it later below.
 
 ingress:
-  class: 'alb'
-  albScheme: 'internet-facing'
-  albListenPorts: '[{"HTTPS":443}]' # this can also be "HTTP":80 if you skipped the certificate part above
-  albCertificateArn: 'arn:aws:acm:us-east-1:411686525067:certificate/8adf7812-a1af-4eae-af1b-ea425a238a67' # your certificate ARN here which you copied above. Remove this option if you only want HTTP.
+  kubernetes.io/ingress.class: alb
+  alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:411686525067:certificate/8adf7812-a1af-4eae-af1b-ea425a238a67
+  alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443, "HTTP": 80}]' # this can also be "HTTP":80 if you skipped the certificate part above
+  alb.ingress.kubernetes.io/scheme: internet-facing
+  alb.ingress.kubernetes.io/target-type: ip
 
 secret:
   name: 'nx-cloud-k8s-secret'