Trying to set alb.ingress.kubernetes.io/wafv2-acl-arn to none results in a parameter validation error

[andrewhharmon]

Describe the bug
I'm trying to disassociate a WAF from my ALB. The docs state you can't simply remove the annotation but must set the value to none. Upon doing that I get a reconciliation error stating the value must be larger than 20

Warning  FailedDeployModel  2m11s (x2 over 9m10s)  ingress  Failed deploy model due to failed to update WAFv2 webACL association on LoadBalancer: InvalidParameter: 1 validation error(s) found.                                                                                                                         │
 - minimum field size of 20, AssociateWebACLInput.WebACLArn.

Steps to reproduce

• Create ALB with alb.ingress.kubernetes.io/wafv2-acl-arn set to an arn of a WAF
• Set alb.ingress.kubernetes.io/wafv2-acl-arn to none

Expected outcome
ALB removes WAF integration

Environment

• AWS Load Balancer controller version
  2.8.1
• Kubernetes version
  1.31
• Using EKS (yes/no), if so version?
  yes, eks.16

Additional Context:

[wweiwei-li]

Can you use alb.ingress.kubernetes.io/wafv2-acl-arn: "none"

[andrewhharmon]

No, thats specifically what I tried. It doesn't seem to allow a string < 20 chars

[wweiwei-li]

Hey. I think I found the reason. This is a new behavior introduced in release v2.8.2, but you are still using v2.8.1

[andrewhharmon]

oh interesting. thanks @wweiwei-li . I will test this out today. yes I am on v2.8.1