diff --git a/docs/deploy.md b/docs/deploy.md
index fe4a56ac..86719733 100644
--- a/docs/deploy.md
+++ b/docs/deploy.md
@@ -14,7 +14,7 @@ Run through them again for a second cluster to use with the extended example sho
 ```bash
 eksctl create cluster --name $CLUSTER_NAME --region $AWS_REGION
 ```
-1. First, configure security group to receive traffic from the VPC Lattice fleet. You must set up security groups so that they allow all Pods communicating with VPC Lattice to allow traffic on all ports from the `169.254.171.0/24` address range.
+1. First, configure security group to receive traffic from the VPC Lattice fleet. You must set up security groups so that they allow all Pods communicating with VPC Lattice to allow traffic on all ports from the `169.254.171.0/24` address range.
 ```bash
 PREFIX_LIST_ID=$(aws ec2 describe-managed-prefix-lists --query "PrefixLists[?PrefixListName=="\'com.amazonaws.$AWS_REGION.vpc-lattice\'"].PrefixListId" | jq -r '.[]')
 MANAGED_PREFIX=$(aws ec2 get-managed-prefix-list-entries --prefix-list-id $PREFIX_LIST_ID --output json | jq -r '.Entries[0].Cidr')
@@ -79,7 +79,12 @@ Run through them again for a second cluster to use with the extended example sho
 helm install gateway-api-controller \
 oci://public.ecr.aws/aws-application-networking-k8s/aws-gateway-controller-chart\
 --version=v0.0.12 \
- --set=aws.region=$AWS_REGION --set=serviceAccount.create=false --namespace aws-application-networking-system
+ --set=serviceAccount.create=false --namespace aws-application-networking-system \
+ # Region, clusterVpcId, awsAccountId are required for case where IMDS is NOT AVAILABLE, e.g Fargate
+ --set=awsRegion= \
+ --set=clusterVpcId= \
+ --set=awsAccountId= \
+
 ```
 1. Create the `amazon-vpc-lattice` GatewayClass:
 ```bash
diff --git a/helm/templates/configmap.yaml b/helm/templates/configmap.yaml
new file mode 100644
index 00000000..48762fbd
--- /dev/null
+++ b/helm/templates/configmap.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: env-config
+data:
+ awsRegion: {{ .Values.awsRegion }}
+ awsAccountId: {{ .Values.awsAccountId }}
+ clusterVpcId: {{ .Values.clusterVpcId }}
diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml
index 26fafb16..505dd4a3 100644
--- a/helm/templates/deployment.yaml
+++ b/helm/templates/deployment.yaml
@@ -66,6 +66,23 @@ spec:
 periodSeconds: 10
 securityContext:
 allowPrivilegeEscalation: false
+ env:
+ - name: REGION
+ valueFrom:
+ configMapKeyRef:
+ name: env-config
+ key: awsRegion
+ - name: AWS_ACCOUNT_ID
+ valueFrom:
+ configMapKeyRef:
+ name: env-config
+ key: awsAccountId
+ - name: CLUSTER_VPC_ID
+ valueFrom:
+ configMapKeyRef:
+ name: env-config
+ key: clusterVpcId
+
 terminationGracePeriodSeconds: 10
 nodeSelector: {{ toYaml .Values.deployment.nodeSelector | nindent 8 }}
 {{ if .Values.deployment.tolerations -}}
diff --git a/helm/values.yaml b/helm/values.yaml
index 0aaedfda..45739da8 100644
--- a/helm/values.yaml
+++ b/helm/values.yaml
@@ -70,3 +70,7 @@ serviceAccount:
 name: gateway-api-controller
 annotations: {}
 # eks.amazonaws.com/role-arn: arn:aws:iam::AWS_ACCOUNT_ID:role/IAM_ROLE_NAME
+
+awsRegion:
+awsAccountId:
+clusterVpcId:
diff --git a/pkg/config/controller_config.go b/pkg/config/controller_config.go
index 75889773..95827e69 100644
--- a/pkg/config/controller_config.go
+++ b/pkg/config/controller_config.go
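Review bot: The three `data` values are rendered unquoted, so an account ID passed as `--set awsAccountId=012345678901` reaches the template as an integer (Helm's `--set` parser types bare numerics), loses its leading zero, and is rendered as a number into a ConfigMap field that must be a string; with no value supplied each key renders as an empty scalar, i.e. YAML null. Quote them in the template, `awsRegion: {{ .Values.awsRegion | quote }}` and the same for `awsAccountId` and `clusterVpcId`, so the controller always receives a string (empty when unset, which is exactly what its `!= ""` check in ConfigInit expects), and point users at `--set-string` for the account ID. `metadata.name: env-config` is also not release-scoped, so two installs of this chart into one namespace would overwrite each other's settings; `{{ .Release.Name }}-env-config` (or the chart's fullname helper, if it has one) avoids that, with the deployment's `configMapKeyRef.name` updated to match.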
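Review bot: The three new keys carry no comment saying what they hold or when they must be set, and a bare `awsAccountId:` gives no hint that the value has to stay a string. I would annotate them in values.yaml along the lines of `# AWS identity of the cluster. Required when the controller cannot reach IMDS (Fargate, or nodes where pod access to IMDS is blocked or the hop limit is 1); quote awsAccountId or use --set-string so a leading zero is kept.` Since blocking pod access to IMDS is a routine hardening step, it is worth stating plainly that setting these explicitly is the recommended path and the IMDS lookup only a fallback. Note also that the only walkthrough of these values, the deploy.md snippet earlier in this diff, places the `# Region, ...` comment inside a backslash-continued `helm install` command, which ends the command at the comment and leaves the following `--set` lines to run on their own.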
@@ -12,20 +12,28 @@ import (
 const (
 LatticeGatewayControllerName = "application-networking.k8s.aws/gateway-api-controller"
 defaultLogLevel = "Info"
- NoDefaultServiceNetwork = ""
- NO_DEFAULT_SERVICE_NETWORK = "NO_DEFAULT_SERVICE_NETWORK"
+ UnknownInput = ""
 )
-// TODO endpoint, region
-var VpcID = "vpc-xxxx"
-var AccountID = "yyyyyy"
-var Region = "us-west-2"
+const (
+ NO_DEFAULT_SERVICE_NETWORK = "NO_DEFAULT_SERVICE_NETWORK"
+ REGION = "REGION"
+ CLUSTER_VPC_ID = "CLUSTER_VPC_ID"
+ CLUSTER_LOCAL_GATEWAY = "CLUSTER_LOCAL_GATEWAY"
+ AWS_ACCOUNT_ID = "AWS_ACCOUNT_ID"
+ TARGET_GROUP_NAME_LEN_MODE = "TARGET_GROUP_NAME_LEN_MODE"
+ GATEWAY_API_CONTROLLER_LOGLEVEL = "GATEWAY_API_CONTROLLER_LOGLEVEL"
+)
+
+var VpcID = UnknownInput
+var AccountID = UnknownInput
+var Region = UnknownInput
 var logLevel = defaultLogLevel
-var DefaultServiceNetwork = NoDefaultServiceNetwork
+var DefaultServiceNetwork = UnknownInput
 var UseLongTGName = false
 func GetLogLevel() string {
- logLevel = os.Getenv("GATEWAY_API_CONTROLLER_LOGLEVEL")
+ logLevel = os.Getenv(GATEWAY_API_CONTROLLER_LOGLEVEL)
 switch strings.ToLower(logLevel) {
 case "debug":
 return "10"
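Review bot: The new env-var-name constants (`REGION`, `CLUSTER_VPC_ID`, `AWS_ACCOUNT_ID`, ...) are ALL_CAPS, which Go style does not use for constants, and being capitalised they are exported, so every importer of this package now sees `config.REGION` (the string "REGION") alongside `config.Region` (the resolved value) — an easy mix-up. I would name them by role and keep them unexported, e.g. `envRegion = "REGION"`, `envClusterVpcID = "CLUSTER_VPC_ID"`, and head the block with `// Names of the environment variables ConfigInit reads.`; the test file in this diff is in the same package and can keep using them. The same block is the place to say that `UnknownInput` is the zero value every resolved setting holds until ConfigInit fills it in, since nothing else documents that sentinel.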
@@ -36,86 +44,74 @@ func GetLogLevel() string {
 }
 func GetClusterLocalGateway() (string, error) {
- if DefaultServiceNetwork == NoDefaultServiceNetwork {
- return NoDefaultServiceNetwork, errors.New(NO_DEFAULT_SERVICE_NETWORK)
+ if DefaultServiceNetwork == UnknownInput {
+ return UnknownInput, errors.New(NO_DEFAULT_SERVICE_NETWORK)
 }
 return DefaultServiceNetwork, nil
 }
 func ConfigInit() {
- // discover VPC using environment first
- VpcID = os.Getenv("CLUSTER_VPC_ID")
- glog.V(2).Infoln("CLUSTER_VPC_ID: ", os.Getenv("CLUSTER_VPC_ID"))
-
- // discover Account
- AccountID = os.Getenv("AWS_ACCOUNT_ID")
- if AccountID == "" {
- AccountID = os.Getenv("AWS_ACCOUNT") // Fallback to AWS_ACCOUNT for compatibility
- }
- glog.V(2).Infoln("AWS_ACCOUNT_ID:", AccountID)
-
- // discover Region
- Region = os.Getenv("REGION")
- glog.V(2).Infoln("REGION:", os.Getenv("REGION"))
-
- logLevel = os.Getenv("GATEWAY_API_CONTROLLER_LOGLEVEL")
- glog.V(2).Infoln("Logging Level:", os.Getenv("GATEWAY_API_CONTROLLER_LOGLEVEL"))
-
- DefaultServiceNetwork = os.Getenv("CLUSTER_LOCAL_GATEWAY")
-
- if DefaultServiceNetwork == NoDefaultServiceNetwork {
- glog.V(2).Infoln("No CLUSTER_LOCAL_GATEWAY")
- } else {
-
- glog.V(2).Infoln("CLUSTER_LOCAL_GATEWAY", DefaultServiceNetwork)
- }
-
- tgNameLengthMode := os.Getenv("TARGET_GROUP_NAME_LEN_MODE")
-
- glog.V(2).Infoln("TARGET_GROUP_NAME_LEN_MODE", tgNameLengthMode)
-
- if tgNameLengthMode == "long" {
- UseLongTGName = true
- } else {
- UseLongTGName = false
- }
 sess, _ := session.NewSession()
 metadata := NewEC2Metadata(sess)
- var err error
- if ifRunningInCluster() {
+
+ // CLUSTER_VPC_ID
+ VpcID = os.Getenv(CLUSTER_VPC_ID)
+ if VpcID != UnknownInput {
+ glog.V(2).Infoln("CLUSTER_VPC_ID passed as input:", VpcID)
+ } else {
 VpcID, err = metadata.VpcID()
+ glog.V(2).Infoln("CLUSTER_VPC_ID from IMDS config discovery :", VpcID)
 if err != nil {
- return
+ glog.V(2).Infoln("IMDS config discovery for CLUSTER_VPC_ID is NOT AVAILABLE :", err)
 }
+ }
+
+ // REGION
+ Region = os.Getenv(REGION)
+ if Region != UnknownInput {
+ glog.V(2).Infoln("REGION passed as input:", Region)
+ } else {
 Region, err = metadata.Region()
+ glog.V(2).Infoln("REGION from IMDS config discovery :", Region)
 if err != nil {
- return
+ glog.V(2).Infoln("IMDS config discovery for REGION is NOT AVAILABLE :", err)
 }
+ }
+
+ // AWS_ACCOUNT_ID
+ AccountID = os.Getenv(AWS_ACCOUNT_ID)
+ if AccountID != UnknownInput {
+ glog.V(2).Infoln("AWS_ACCOUNT_ID passed as input:", AccountID)
+ } else {
 AccountID, err = metadata.AccountId()
+ glog.V(2).Infoln("AWS_ACCOUNT_ID from IMDS config discovery :", AccountID)
 if err != nil {
- return
+ glog.V(2).Infoln("IMDS config discovery for AWS_ACCOUNT_ID is NOT AVAILABLE :", err)
 }
- glog.V(2).Infoln("INSIDE CLUSTER CLUSTER_VPC_ID: ", VpcID)
- glog.V(2).Infoln("INSIDE CLUSTER REGION: ", Region)
- glog.V(2).Infoln("INSIDE CLUSTER ACCOUNT_ID: ", AccountID)
 }
-}
-func ifRunningInCluster() bool {
- _, err := os.Stat("/var/run/secrets/kubernetes.io/serviceaccount")
- if err == nil {
- glog.V(2).Infoln("Controller is running inside cluster")
- return true
- }
+ // GATEWAY_API_CONTROLLER_LOGLEVEL
+ logLevel = os.Getenv(GATEWAY_API_CONTROLLER_LOGLEVEL)
+ glog.V(2).Infoln("Logging Level:", os.Getenv(GATEWAY_API_CONTROLLER_LOGLEVEL))
- if os.IsNotExist(err) {
- glog.V(2).Infoln("Controller is NOT running inside cluster")
- return false
+ // CLUSTER_LOCAL_GATEWAY
+ DefaultServiceNetwork = os.Getenv(CLUSTER_LOCAL_GATEWAY)
+ if DefaultServiceNetwork == UnknownInput {
+ glog.V(2).Infoln("No CLUSTER_LOCAL_GATEWAY")
+ } else {
+ glog.V(2).Infoln("CLUSTER_LOCAL_GATEWAY", DefaultServiceNetwork)
 }
- glog.V(2).Infoln("Controller is NOT running inside cluster")
- return false
+ // TARGET_GROUP_NAME_LEN_MODE
+ tgNameLengthMode := os.Getenv(TARGET_GROUP_NAME_LEN_MODE)
+ glog.V(2).Infoln("TARGET_GROUP_NAME_LEN_MODE", tgNameLengthMode)
+
+ if tgNameLengthMode == "long" {
+ UseLongTGName = true
+ } else {
+ UseLongTGName = false
+ }
 }
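Review bot: Identity resolution is now fail-open: when an env var is unset and IMDS is unreachable (Fargate, or nodes that block pod access to IMDS — the very case the new env vars exist for, per the deploy.md comment in this diff), each `if err != nil` branch only logs at V(2) and ConfigInit returns normally with `VpcID`, `Region` or `AccountID` still `""`, so the controller starts and every later VPC Lattice call is scoped to an empty VPC/account instead of failing at startup with a clear message. The values are also accepted verbatim with no shape check, so a mangled account ID (for instance a leading zero dropped by Helm's `--set` typing) or a typo is only noticed when some API call rejects it. I would have ConfigInit return an error when any of the three is missing or malformed, validate against the known formats, and have main treat that as fatal; the tests in this diff would then need real-shaped fixtures and the no-env case would expect an error, and `fmt`/`regexp` would need importing. Two smaller things: the `AWS_ACCOUNT` fallback the old code kept "for compatibility" is dropped here without any deprecation note, and the hunk shows `var err error` being removed while the unchanged `VpcID, err = metadata.VpcID()` lines still assign to it, which cannot compile unless `err` is declared somewhere not shown.
```go
var (
	vpcIDPattern     = regexp.MustCompile(`^vpc-[0-9a-f]{8,17}$`)
	regionPattern    = regexp.MustCompile(`^[a-z]{2}(-[a-z]+)+-[0-9]+$`)
	accountIDPattern = regexp.MustCompile(`^[0-9]{12}$`)
)

// resolve returns the value of the environment variable name when it is set,
// otherwise the value reported by fromIMDS; whichever source wins must match valid.
func resolve(name string, fromIMDS func() (string, error), valid *regexp.Regexp) (string, error) {
	v := os.Getenv(name)
	if v != UnknownInput {
		glog.V(2).Infoln(name, "passed as input:", v)
	} else {
		var err error
		if v, err = fromIMDS(); err != nil {
			return UnknownInput, fmt.Errorf("%s not set and IMDS discovery failed: %w", name, err)
		}
		glog.V(2).Infoln(name, "from IMDS config discovery:", v)
	}
	if !valid.MatchString(v) {
		return UnknownInput, fmt.Errorf("%s has unexpected value %q", name, v)
	}
	return v, nil
}

// ConfigInit resolves VpcID, Region and AccountID (environment first, IMDS
// second) and returns an error if any is missing or malformed; callers should
// treat that as fatal rather than run with an empty identity.
func ConfigInit() error {
	sess, err := session.NewSession()
	if err != nil {
		return fmt.Errorf("creating aws session: %w", err)
	}
	metadata := NewEC2Metadata(sess)

	if VpcID, err = resolve(CLUSTER_VPC_ID, metadata.VpcID, vpcIDPattern); err != nil {
		return err
	}
	if Region, err = resolve(REGION, metadata.Region, regionPattern); err != nil {
		return err
	}
	if AccountID, err = resolve(AWS_ACCOUNT_ID, metadata.AccountId, accountIDPattern); err != nil {
		return err
	}
	// … unchanged: GATEWAY_API_CONTROLLER_LOGLEVEL, CLUSTER_LOCAL_GATEWAY, TARGET_GROUP_NAME_LEN_MODE …
	return nil
}
```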
diff --git a/pkg/config/controller_config_test.go b/pkg/config/controller_config_test.go
new file mode 100644
index 00000000..2f2e3e8a
--- /dev/null
+++ b/pkg/config/controller_config_test.go
@@ -0,0 +1,61 @@
+package config
+
+import (
+ "github.com/stretchr/testify/assert"
+ "os"
+ "testing"
+)
+
+func Test_config_init_with_partial_env_var(t *testing.T) {
+ // Test variable
+ testRegion := "us-west-2"
+ testClusterVpcId := "vpc-123456"
+ testClusterLocalGateway := "default"
+
+ os.Setenv(REGION, testRegion)
+ os.Setenv(CLUSTER_VPC_ID, testClusterVpcId)
+ os.Setenv(CLUSTER_LOCAL_GATEWAY, testClusterLocalGateway)
+ os.Unsetenv(AWS_ACCOUNT_ID)
+ os.Unsetenv(TARGET_GROUP_NAME_LEN_MODE)
+ ConfigInit()
+ assert.Equal(t, Region, testRegion)
+ assert.Equal(t, VpcID, testClusterVpcId)
+ assert.Equal(t, AccountID, UnknownInput)
+ assert.Equal(t, DefaultServiceNetwork, testClusterLocalGateway)
+ assert.Equal(t, UseLongTGName, false)
+}
+
+func Test_config_init_no_env_var(t *testing.T) {
+ os.Unsetenv(REGION)
+ os.Unsetenv(CLUSTER_VPC_ID)
+ os.Unsetenv(CLUSTER_LOCAL_GATEWAY)
+ os.Unsetenv(AWS_ACCOUNT_ID)
+ os.Unsetenv(TARGET_GROUP_NAME_LEN_MODE)
+ ConfigInit()
+ assert.Equal(t, Region, UnknownInput)
+ assert.Equal(t, VpcID, UnknownInput)
+ assert.Equal(t, AccountID, UnknownInput)
+ assert.Equal(t, DefaultServiceNetwork, UnknownInput)
+ assert.Equal(t, UseLongTGName, false)
+}
+
+func Test_config_init_with_all_env_var(t *testing.T) {
+ // Test variable
+ testRegion := "us-west-2"
+ testClusterVpcId := "vpc-123456"
+ testClusterLocalGateway := "default"
+ testTargetGroupNameLenMode := "long"
+ testAwsAccountId := "12345678"
+
+ os.Setenv(REGION, testRegion)
+ os.Setenv(CLUSTER_VPC_ID, testClusterVpcId)
+ os.Setenv(CLUSTER_LOCAL_GATEWAY, testClusterLocalGateway)
+ os.Setenv(AWS_ACCOUNT_ID, testAwsAccountId)
+ os.Setenv(TARGET_GROUP_NAME_LEN_MODE, testTargetGroupNameLenMode)
+ ConfigInit()
+ assert.Equal(t, Region, testRegion)
+ assert.Equal(t, VpcID, testClusterVpcId)
+ assert.Equal(t, AccountID, testAwsAccountId)
+ assert.Equal(t, DefaultServiceNetwork, testClusterLocalGateway)
+ assert.Equal(t, UseLongTGName, true)
+}
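Review bot: The tests mutate the process-wide environment with `os.Setenv`/`os.Unsetenv` and never restore it, so whichever test runs last leaks its values into every later test in the package; `t.Setenv(REGION, testRegion)` — and `t.Setenv(AWS_ACCOUNT_ID, "")` in place of `os.Unsetenv`, which is equivalent for ConfigInit's `!= UnknownInput` check — restores the previous value automatically. Test_config_init_no_env_var also only passes where IMDS is unreachable: ConfigInit falls through to `metadata.VpcID()` and friends, so on an EC2-hosted runner it would discover real values and the `UnknownInput` assertions would fail, and elsewhere it presumably waits out the SDK's IMDS timeout first — a fake `EC2Metadata` that ConfigInit could be pointed at (e.g. via a package-level constructor hook) would make the fallback path testable and the test deterministic. The fixtures `vpc-123456` and `12345678` are not real-shaped IDs (VPC IDs carry 8 or 17 hex characters, account IDs are 12 digits), which will bite as soon as any input validation is added. Finally, `assert.Equal` takes `(expected, actual)` and every call here passes them reversed, so failure messages will label the two values the wrong way round.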
diff --git a/pkg/config/ec2_metadata.go b/pkg/config/ec2_metadata.go
index dfdd5eef..3b589d7c 100644
--- a/pkg/config/ec2_metadata.go
+++ b/pkg/config/ec2_metadata.go
@@ -34,7 +34,6 @@ func (c *defaultEC2Metadata) VpcID() (string, error) {
 if err != nil {
 return "", err
 }
- fmt.Println("Get VPC ID from ec2 metadata: ", vpcID)
 return vpcID, nil
 }
@@ -43,7 +42,6 @@ func (c *defaultEC2Metadata) Region() (string, error) {
 if err != nil {
 return "", err
 }
- fmt.Println("Get region from ec2 metadata: ", region)
 return region, nil
 }