diff --git a/terraform/layer1-aws/.terraform.lock.hcl b/terraform/layer1-aws/.terraform.lock.hcl
index 2c58d4ce..b129a238 100644
--- a/terraform/layer1-aws/.terraform.lock.hcl
+++ b/terraform/layer1-aws/.terraform.lock.hcl
@@ -6,6 +6,7 @@ provider "registry.terraform.io/hashicorp/aws" {
   constraints = ">= 2.49.0, >= 2.53.0, >= 3.10.0, >= 3.22.0, 3.38.0"
   hashes = [
     "h1:ARuS11ThIcUfmAQKWNXGPLOa1GheaIwkeCnMh9Mjvao=",
+    "h1:qKEjN/EM56XT46vGY33eoq7nD6JuGqRqFp7tkzTrRM0=",
     "zh:20476d4c1b0c0efc55226bcbd85fbd948638fd9860a0edcdb7875cbb2b449e46",
     "zh:7102622e6549cc3fc46b9ad68cbf4c50b162ce1013d4da817d05d1edf1f12fae",
     "zh:74ff7f1610065e14c043cd9d74b3d5e0de4474f09a1a81e0b126b920b5cf6a27",
@@ -25,6 +26,7 @@ provider "registry.terraform.io/hashicorp/kubernetes" {
   constraints = ">= 1.11.1, 2.1.0"
   hashes = [
     "h1:8RC6upWV190+kE3+rYI4HuSouBUOfOXwV5GvIEXW4nk=",
+    "h1:L/3XfqLQ4bS1PjH/FksJPm+MYIOxCwn97ozbfSwg/VQ=",
     "zh:22e2bcef08fb7f97ed503a27e3725d9d14fdd09fe3aa144fae8a7f78ed27856a",
     "zh:2380cc2a91239b80ea380af8a7fcdcc7396f5213a71a251a5505c962ac6cb9c2",
     "zh:496ea2818d5480590ada763672be051f4e76dc12c6a61fde2faa0c909e174eb7",
diff --git a/terraform/layer2-k8s/.terraform.lock.hcl b/terraform/layer2-k8s/.terraform.lock.hcl
index 6a3a2abb..65b3b6c0 100644
--- a/terraform/layer2-k8s/.terraform.lock.hcl
+++ b/terraform/layer2-k8s/.terraform.lock.hcl
@@ -6,6 +6,7 @@ provider "registry.terraform.io/hashicorp/aws" {
   constraints = "3.38.0"
   hashes = [
     "h1:ARuS11ThIcUfmAQKWNXGPLOa1GheaIwkeCnMh9Mjvao=",
+    "h1:qKEjN/EM56XT46vGY33eoq7nD6JuGqRqFp7tkzTrRM0=",
     "zh:20476d4c1b0c0efc55226bcbd85fbd948638fd9860a0edcdb7875cbb2b449e46",
     "zh:7102622e6549cc3fc46b9ad68cbf4c50b162ce1013d4da817d05d1edf1f12fae",
     "zh:74ff7f1610065e14c043cd9d74b3d5e0de4474f09a1a81e0b126b920b5cf6a27",
@@ -42,6 +43,7 @@ provider "registry.terraform.io/hashicorp/helm" {
   version     = "2.1.2"
   constraints = "2.1.2"
   hashes = [
+    "h1:UVuNjmuEM4ZVtItbh1QRGulkBWxDY929roxFQhEf9Ks=",
     "h1:axFN2JRP+iDo8EAhCfnA3fRUCB5S5x4zCKkivWLNN+Y=",
     "zh:09bd2b6f33a040c3fd59d82c9768b886b8c82163e31ec92dc1b747229d0548df",
     "zh:09f209fa57ad5d01f04c458f1719b42958ca5e0fc2eca63d9ec29f92c77a29f8",
@@ -62,6 +64,7 @@ provider "registry.terraform.io/hashicorp/kubernetes" {
   constraints = "2.1.0"
   hashes = [
     "h1:8RC6upWV190+kE3+rYI4HuSouBUOfOXwV5GvIEXW4nk=",
+    "h1:L/3XfqLQ4bS1PjH/FksJPm+MYIOxCwn97ozbfSwg/VQ=",
     "zh:22e2bcef08fb7f97ed503a27e3725d9d14fdd09fe3aa144fae8a7f78ed27856a",
     "zh:2380cc2a91239b80ea380af8a7fcdcc7396f5213a71a251a5505c962ac6cb9c2",
     "zh:496ea2818d5480590ada763672be051f4e76dc12c6a61fde2faa0c909e174eb7",
diff --git a/terraform/layer2-k8s/eks-aws-loadbalancer-controller.tf b/terraform/layer2-k8s/eks-aws-loadbalancer-controller.tf
new file mode 100644
index 00000000..840b2c18
--- /dev/null
+++ b/terraform/layer2-k8s/eks-aws-loadbalancer-controller.tf
@@ -0,0 +1,11 @@
+module "eks_alb_ingress" {
+  source = "../modules/eks-aws-loadbalancer-controller"
+  count  = var.aws_loadbalancer_controller_enable ? 1 : 0
+
+  name              = local.name
+  region            = local.region
+  oidc_provider_arn = local.eks_oidc_provider_arn
+  eks_cluster_id    = local.eks_cluster_id
+  vpc_id            = local.vpc_id
+  namespace         = module.ing_namespace.name
+}
diff --git a/terraform/layer2-k8s/examples/eks-alb-ingress-controller.tf b/terraform/layer2-k8s/examples/eks-alb-ingress-controller.tf
deleted file mode 100644
index 4be7d404..00000000
--- a/terraform/layer2-k8s/examples/eks-alb-ingress-controller.tf
+++ /dev/null
@@ -1,32 +0,0 @@
-module "aws_iam_alb_ingress_controller" {
-  source = "../modules/aws-iam-alb-ingress-controller"
-
-  name              = local.name
-  region            = local.region
-  oidc_provider_arn = local.eks_oidc_provider_arn
-}
-
-data "template_file" "alb_ingress_controller" {
-  template = file("${path.module}/templates/alb-ingress-controller-values.yaml")
-
-  vars = {
-    role_arn     = module.aws_iam_alb_ingress_controller.role_arn
-    region       = local.region
-    cluster_name = local.eks_cluster_id
-    vpc_id       = local.vpc_id
-    image_tag    = var.alb_ingress_image_tag
-  }
-}
-
-resource "helm_release" "alb_ingress_controller" {
-  name        = "aws-alb-ingress-controller"
-  chart       = "aws-alb-ingress-controller"
-  repository  = local.helm_repo_incubator
-  version     = var.alb_ingress_chart_version
-  namespace   = kubernetes_namespace.ing.id
-  max_history = var.helm_release_history_size
-
-  values = [
-    data.template_file.alb_ingress_controller.rendered
-  ]
-}
diff --git a/terraform/layer2-k8s/variables.tf b/terraform/layer2-k8s/variables.tf
index 7f4cbd1a..f0acf4c3 100644
--- a/terraform/layer2-k8s/variables.tf
+++ b/terraform/layer2-k8s/variables.tf
@@ -60,14 +60,10 @@ variable "nginx_ingress_ssl_terminator" {
 }
 
 # ALB Ingress
-variable "alb_ingress_image_tag" {
-  description = "Tag of docker image for alb-ingress controller"
-  default     = "v1.1.5"
-}
-
-variable "alb_ingress_chart_version" {
-  description = "Version of alb-ingress helm chart"
-  default     = "1.0.4"
+variable "aws_loadbalancer_controller_enable" {
+  description = "Disable or Enable aws-loadbalancer-controller"
+  type        = bool
+  default     = true
 }
 
 # Cluster autoscaler
diff --git a/terraform/modules/aws-iam-alb-ingress-controller/iam.tf b/terraform/modules/aws-iam-alb-ingress-controller/iam.tf
deleted file mode 100644
index 2086aa92..00000000
--- a/terraform/modules/aws-iam-alb-ingress-controller/iam.tf
+++ /dev/null
@@ -1,144 +0,0 @@
-resource "aws_iam_role" "this" {
-  name_prefix        = "${var.name}-alb-ingress"
-  assume_role_policy = <<EOF
-{
-  "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Effect": "Allow",
-      "Principal": {
-        "Federated": "${var.oidc_provider_arn}"
-      },
-      "Action": "sts:AssumeRoleWithWebIdentity",
-      "Condition": {
-        "StringEquals": {
-          "oidc.eks.${var.region}.amazonaws.com/id/${regex("[A-Z0-9]{32}", var.oidc_provider_arn)}:aud": "sts.amazonaws.com"
-        }
-      }
-    }
-  ]
-}
-EOF
-}
-
-
-resource "aws_iam_role_policy" "this" {
-  name_prefix = "${var.name}-alb-ingress"
-  role        = aws_iam_role.this.id
-
-  policy = <<EOF
-{
-  "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Effect": "Allow",
-      "Action": [
-        "acm:DescribeCertificate",
-        "acm:ListCertificates",
-        "acm:GetCertificate"
-      ],
-      "Resource": "*"
-    },
-    {
-      "Effect": "Allow",
-      "Action": [
-        "ec2:AuthorizeSecurityGroupIngress",
-        "ec2:CreateSecurityGroup",
-        "ec2:CreateTags",
-        "ec2:DeleteTags",
-        "ec2:DeleteSecurityGroup",
-        "ec2:DescribeAccountAttributes",
-        "ec2:DescribeAddresses",
-        "ec2:DescribeInstances",
-        "ec2:DescribeInstanceStatus",
-        "ec2:DescribeInternetGateways",
-        "ec2:DescribeNetworkInterfaces",
-        "ec2:DescribeSecurityGroups",
-        "ec2:DescribeSubnets",
-        "ec2:DescribeTags",
-        "ec2:DescribeVpcs",
-        "ec2:ModifyInstanceAttribute",
-        "ec2:ModifyNetworkInterfaceAttribute",
-        "ec2:RevokeSecurityGroupIngress"
-      ],
-      "Resource": "*"
-    },
-    {
-      "Effect": "Allow",
-      "Action": [
-        "elasticloadbalancing:AddListenerCertificates",
-        "elasticloadbalancing:AddTags",
-        "elasticloadbalancing:CreateListener",
-        "elasticloadbalancing:CreateLoadBalancer",
-        "elasticloadbalancing:CreateRule",
-        "elasticloadbalancing:CreateTargetGroup",
-        "elasticloadbalancing:DeleteListener",
-        "elasticloadbalancing:DeleteLoadBalancer",
-        "elasticloadbalancing:DeleteRule",
-        "elasticloadbalancing:DeleteTargetGroup",
-        "elasticloadbalancing:DeregisterTargets",
-        "elasticloadbalancing:DescribeListenerCertificates",
-        "elasticloadbalancing:DescribeListeners",
-        "elasticloadbalancing:DescribeLoadBalancers",
-        "elasticloadbalancing:DescribeLoadBalancerAttributes",
-        "elasticloadbalancing:DescribeRules",
-        "elasticloadbalancing:DescribeSSLPolicies",
-        "elasticloadbalancing:DescribeTags",
-        "elasticloadbalancing:DescribeTargetGroups",
-        "elasticloadbalancing:DescribeTargetGroupAttributes",
-        "elasticloadbalancing:DescribeTargetHealth",
-        "elasticloadbalancing:ModifyListener",
-        "elasticloadbalancing:ModifyLoadBalancerAttributes",
-        "elasticloadbalancing:ModifyRule",
-        "elasticloadbalancing:ModifyTargetGroup",
-        "elasticloadbalancing:ModifyTargetGroupAttributes",
-        "elasticloadbalancing:RegisterTargets",
-        "elasticloadbalancing:RemoveListenerCertificates",
-        "elasticloadbalancing:RemoveTags",
-        "elasticloadbalancing:SetIpAddressType",
-        "elasticloadbalancing:SetSecurityGroups",
-        "elasticloadbalancing:SetSubnets",
-        "elasticloadbalancing:SetWebACL"
-      ],
-      "Resource": "*"
-    },
-    {
-      "Effect": "Allow",
-      "Action": [
-        "iam:CreateServiceLinkedRole",
-        "iam:GetServerCertificate",
-        "iam:ListServerCertificates"
-      ],
-      "Resource": "*"
-    },
-    {
-      "Effect": "Allow",
-      "Action": [
-        "waf-regional:GetWebACLForResource",
-        "waf-regional:GetWebACL",
-        "waf-regional:AssociateWebACL",
-        "waf-regional:DisassociateWebACL"
-      ],
-      "Resource": "*"
-    },
-    {
-      "Effect": "Allow",
-      "Action": [
-        "tag:GetResources",
-        "tag:TagResources"
-      ],
-      "Resource": "*"
-    },
-    {
-      "Effect": "Allow",
-      "Action": [
-        "waf:GetWebACL"
-      ],
-      "Resource": "*"
-    }
-  ]
-}
-EOF
-}
-
-
diff --git a/terraform/modules/aws-iam-aws-loadbalancer-controller/iam.tf b/terraform/modules/aws-iam-aws-loadbalancer-controller/iam.tf
new file mode 100644
index 00000000..33e01763
--- /dev/null
+++ b/terraform/modules/aws-iam-aws-loadbalancer-controller/iam.tf
@@ -0,0 +1,240 @@
+resource "aws_iam_role" "this" {
+  name_prefix        = "${var.name}-alb-ingress"
+  assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Principal": {
+        "Federated": "${var.oidc_provider_arn}"
+      },
+      "Action": "sts:AssumeRoleWithWebIdentity",
+      "Condition": {
+        "StringEquals": {
+          "oidc.eks.${var.region}.amazonaws.com/id/${regex("[A-Z0-9]{32}", var.oidc_provider_arn)}:aud": "sts.amazonaws.com"
+        }
+      }
+    }
+  ]
+}
+EOF
+}
+
+
+resource "aws_iam_role_policy" "this" {
+  name_prefix = "${var.name}-alb-ingress"
+  role        = aws_iam_role.this.id
+
+  policy = <<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Action": [
+                "iam:CreateServiceLinkedRole",
+                "ec2:DescribeAccountAttributes",
+                "ec2:DescribeAddresses",
+                "ec2:DescribeAvailabilityZones",
+                "ec2:DescribeInternetGateways",
+                "ec2:DescribeVpcs",
+                "ec2:DescribeSubnets",
+                "ec2:DescribeSecurityGroups",
+                "ec2:DescribeInstances",
+                "ec2:DescribeNetworkInterfaces",
+                "ec2:DescribeTags",
+                "ec2:GetCoipPoolUsage",
+                "ec2:DescribeCoipPools",
+                "elasticloadbalancing:DescribeLoadBalancers",
+                "elasticloadbalancing:DescribeLoadBalancerAttributes",
+                "elasticloadbalancing:DescribeListeners",
+                "elasticloadbalancing:DescribeListenerCertificates",
+                "elasticloadbalancing:DescribeSSLPolicies",
+                "elasticloadbalancing:DescribeRules",
+                "elasticloadbalancing:DescribeTargetGroups",
+                "elasticloadbalancing:DescribeTargetGroupAttributes",
+                "elasticloadbalancing:DescribeTargetHealth",
+                "elasticloadbalancing:DescribeTags"
+            ],
+            "Resource": "*"
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "cognito-idp:DescribeUserPoolClient",
+                "acm:ListCertificates",
+                "acm:DescribeCertificate",
+                "iam:ListServerCertificates",
+                "iam:GetServerCertificate",
+                "waf-regional:GetWebACL",
+                "waf-regional:GetWebACLForResource",
+                "waf-regional:AssociateWebACL",
+                "waf-regional:DisassociateWebACL",
+                "wafv2:GetWebACL",
+                "wafv2:GetWebACLForResource",
+                "wafv2:AssociateWebACL",
+                "wafv2:DisassociateWebACL",
+                "shield:GetSubscriptionState",
+                "shield:DescribeProtection",
+                "shield:CreateProtection",
+                "shield:DeleteProtection"
+            ],
+            "Resource": "*"
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "ec2:AuthorizeSecurityGroupIngress",
+                "ec2:RevokeSecurityGroupIngress"
+            ],
+            "Resource": "*"
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "ec2:CreateSecurityGroup"
+            ],
+            "Resource": "*"
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "ec2:CreateTags"
+            ],
+            "Resource": "arn:aws:ec2:*:*:security-group/*",
+            "Condition": {
+                "StringEquals": {
+                    "ec2:CreateAction": "CreateSecurityGroup"
+                },
+                "Null": {
+                    "aws:RequestTag/elbv2.k8s.aws/cluster": "false"
+                }
+            }
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "ec2:CreateTags",
+                "ec2:DeleteTags"
+            ],
+            "Resource": "arn:aws:ec2:*:*:security-group/*",
+            "Condition": {
+                "Null": {
+                    "aws:RequestTag/elbv2.k8s.aws/cluster": "true",
+                    "aws:ResourceTag/elbv2.k8s.aws/cluster": "false"
+                }
+            }
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "ec2:AuthorizeSecurityGroupIngress",
+                "ec2:RevokeSecurityGroupIngress",
+                "ec2:DeleteSecurityGroup"
+            ],
+            "Resource": "*",
+            "Condition": {
+                "Null": {
+                    "aws:ResourceTag/elbv2.k8s.aws/cluster": "false"
+                }
+            }
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "elasticloadbalancing:CreateLoadBalancer",
+                "elasticloadbalancing:CreateTargetGroup"
+            ],
+            "Resource": "*",
+            "Condition": {
+                "Null": {
+                    "aws:RequestTag/elbv2.k8s.aws/cluster": "false"
+                }
+            }
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "elasticloadbalancing:CreateListener",
+                "elasticloadbalancing:DeleteListener",
+                "elasticloadbalancing:CreateRule",
+                "elasticloadbalancing:DeleteRule"
+            ],
+            "Resource": "*"
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "elasticloadbalancing:AddTags",
+                "elasticloadbalancing:RemoveTags"
+            ],
+            "Resource": [
+                "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*",
+                "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*",
+                "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*"
+            ],
+            "Condition": {
+                "Null": {
+                    "aws:RequestTag/elbv2.k8s.aws/cluster": "true",
+                    "aws:ResourceTag/elbv2.k8s.aws/cluster": "false"
+                }
+            }
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "elasticloadbalancing:AddTags",
+                "elasticloadbalancing:RemoveTags"
+            ],
+            "Resource": [
+                "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*",
+                "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*",
+                "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*",
+                "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*"
+            ]
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "elasticloadbalancing:ModifyLoadBalancerAttributes",
+                "elasticloadbalancing:SetIpAddressType",
+                "elasticloadbalancing:SetSecurityGroups",
+                "elasticloadbalancing:SetSubnets",
+                "elasticloadbalancing:DeleteLoadBalancer",
+                "elasticloadbalancing:ModifyTargetGroup",
+                "elasticloadbalancing:ModifyTargetGroupAttributes",
+                "elasticloadbalancing:DeleteTargetGroup"
+            ],
+            "Resource": "*",
+            "Condition": {
+                "Null": {
+                    "aws:ResourceTag/elbv2.k8s.aws/cluster": "false"
+                }
+            }
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "elasticloadbalancing:RegisterTargets",
+                "elasticloadbalancing:DeregisterTargets"
+            ],
+            "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*"
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "elasticloadbalancing:SetWebAcl",
+                "elasticloadbalancing:ModifyListener",
+                "elasticloadbalancing:AddListenerCertificates",
+                "elasticloadbalancing:RemoveListenerCertificates",
+                "elasticloadbalancing:ModifyRule"
+            ],
+            "Resource": "*"
+        }
+    ]
+}
+EOF
+}
+
+
diff --git a/terraform/modules/aws-iam-alb-ingress-controller/outputs.tf b/terraform/modules/aws-iam-aws-loadbalancer-controller/outputs.tf
similarity index 100%
rename from terraform/modules/aws-iam-alb-ingress-controller/outputs.tf
rename to terraform/modules/aws-iam-aws-loadbalancer-controller/outputs.tf
diff --git a/terraform/modules/aws-iam-alb-ingress-controller/variables.tf b/terraform/modules/aws-iam-aws-loadbalancer-controller/variables.tf
similarity index 100%
rename from terraform/modules/aws-iam-alb-ingress-controller/variables.tf
rename to terraform/modules/aws-iam-aws-loadbalancer-controller/variables.tf
diff --git a/terraform/modules/eks-aws-loadbalancer-controller/README.md b/terraform/modules/eks-aws-loadbalancer-controller/README.md
new file mode 100644
index 00000000..00674e70
--- /dev/null
+++ b/terraform/modules/eks-aws-loadbalancer-controller/README.md
@@ -0,0 +1,33 @@
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| helm | n/a |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| chart\_name | Helm  Chart name | `string` | `"aws-load-balancer-controller"` | no |
+| chart\_version | Chart version repository name | `string` | `"1.2.6"` | no |
+| eks\_cluster\_id | EKC identity cluster | `string` | `""` | no |
+| image\_tag | chart version alb ingress | `string` | `"v2.2.3"` | no |
+| max\_history | How much helm releases to store | `number` | `"5"` | no |
+| name | Project name, required to create unique resource names | `string` | `""` | no |
+| namespace | Name of kubernetes namespace for alb\_ingres | `string` | `""` | no |
+| oidc\_provider\_arn | ARN of EKS oidc provider | `string` | `""` | no |
+| region | eks infrastructure region | `string` | `""` | no |
+| release\_name | Helm  Release name | `string` | `"aws-load-balancer-controller"` | no |
+| replica\_count | Default number of replicas | `number` | `1` | no |
+| repository | Repository name for eks | `string` | `"https://aws.github.io/eks-charts"` | no |
+| values | helm chat template file | `map(any)` | `{}` | no |
+| vpc\_id | EKS cluster vps identity | `string` | `""` | no |
+
+## Outputs
+
+No output.
+
diff --git a/terraform/modules/eks-aws-loadbalancer-controller/locals.tf b/terraform/modules/eks-aws-loadbalancer-controller/locals.tf
new file mode 100644
index 00000000..51d33790
--- /dev/null
+++ b/terraform/modules/eks-aws-loadbalancer-controller/locals.tf
@@ -0,0 +1,11 @@
+locals {
+  alb_ingress_controller = templatefile("${path.module}/templates/alb-ingress-controller-values.yaml",
+    {
+      role_arn      = module.aws_iam_aws_loadbalancer_controller.role_arn,
+      region        = var.region,
+      cluster_name  = var.eks_cluster_id,
+      vpc_id        = var.vpc_id,
+      image_tag     = var.image_tag,
+      replica_count = var.replica_count,
+  })
+}
diff --git a/terraform/modules/eks-aws-loadbalancer-controller/main.tf b/terraform/modules/eks-aws-loadbalancer-controller/main.tf
new file mode 100644
index 00000000..8ab0696d
--- /dev/null
+++ b/terraform/modules/eks-aws-loadbalancer-controller/main.tf
@@ -0,0 +1,19 @@
+module "aws_iam_aws_loadbalancer_controller" {
+  source            = "../aws-iam-aws-loadbalancer-controller"
+  name              = var.name
+  region            = var.region
+  oidc_provider_arn = var.oidc_provider_arn
+}
+
+resource "helm_release" "aws_loadbalancer_controller" {
+  name             = var.release_name
+  chart            = var.chart_name
+  repository       = var.repository
+  version          = var.chart_version
+  namespace        = var.namespace
+  create_namespace = true
+  max_history      = var.max_history
+  values = [
+    local.alb_ingress_controller
+  ]
+}
diff --git a/terraform/modules/eks-aws-loadbalancer-controller/templates/alb-ingress-controller-values.yaml b/terraform/modules/eks-aws-loadbalancer-controller/templates/alb-ingress-controller-values.yaml
new file mode 100644
index 00000000..42807433
--- /dev/null
+++ b/terraform/modules/eks-aws-loadbalancer-controller/templates/alb-ingress-controller-values.yaml
@@ -0,0 +1,24 @@
+replicaCount: ${replica_count}
+
+clusterName: ${cluster_name}
+
+region: ${region}
+vpcId: ${vpc_id}
+
+serviceAccount:
+  create: true
+  annotations:
+     "eks.amazonaws.com/role-arn": ${role_arn}
+
+image:
+  tag: ${image_tag}
+
+affinity:
+  nodeAffinity:
+    requiredDuringSchedulingIgnoredDuringExecution:
+      nodeSelectorTerms:
+      - matchExpressions:
+        - key: node.kubernetes.io/lifecycle
+          operator: In
+          values:
+            - ondemand
diff --git a/terraform/modules/eks-aws-loadbalancer-controller/variables.tf b/terraform/modules/eks-aws-loadbalancer-controller/variables.tf
new file mode 100644
index 00000000..de8f1e3f
--- /dev/null
+++ b/terraform/modules/eks-aws-loadbalancer-controller/variables.tf
@@ -0,0 +1,73 @@
+variable "name" {
+  description = "Project name, required to create unique resource names"
+  type        = string
+  default     = ""
+}
+variable "region" {
+  description = "eks infrastructure region"
+  type        = string
+  default     = ""
+}
+variable "oidc_provider_arn" {
+  description = "ARN of EKS oidc provider"
+  type        = string
+  default     = ""
+}
+variable "release_name" {
+  description = "Helm  Release name"
+  type        = string
+  default     = "aws-load-balancer-controller"
+}
+variable "chart_name" {
+  description = "Helm  Chart name"
+  type        = string
+  default     = "aws-load-balancer-controller"
+}
+variable "repository" {
+  description = "Repository name for eks"
+  type        = string
+  default     = "https://aws.github.io/eks-charts"
+}
+variable "chart_version" {
+  description = "Chart version repository name"
+  type        = string
+  default     = "1.2.6"
+}
+variable "namespace" {
+  description = "Name of kubernetes namespace for alb_ingres"
+  type        = string
+  default     = ""
+}
+variable "max_history" {
+  description = "How much helm releases to store"
+  type        = number
+  default     = "5"
+}
+
+variable "values" {
+  description = "helm chat template file"
+  type        = map(any)
+  default     = {}
+}
+variable "eks_cluster_id" {
+  description = "EKC identity cluster"
+  type        = string
+  default     = ""
+}
+
+variable "vpc_id" {
+  description = "EKS cluster vps identity"
+  type        = string
+  default     = ""
+}
+variable "image_tag" {
+  description = "chart version alb ingress"
+  type        = string
+  default     = "v2.2.3"
+}
+
+variable "replica_count" {
+  description = "Default number of replicas"
+  type        = number
+  default     = 1
+}