From 8769578b6411af33ce3a31fa6d6b56d064f62b04 Mon Sep 17 00:00:00 2001 From: Poh Peng Date: Mon, 24 Jul 2023 17:01:56 +0800 Subject: [PATCH 1/8] Refactor ADOT to essentials submodule due to dependency on cert-manager --- README.md | 1 - main.tf | 7 ------- modules/essentials/README.md | 4 +++- modules/essentials/adot.tf | 9 +++++++++ variables.tf | 6 ------ 5 files changed, 12 insertions(+), 15 deletions(-) create mode 100644 modules/essentials/adot.tf diff --git a/README.md b/README.md index c3a1cfdb..d40ef6b3 100644 --- a/README.md +++ b/README.md @@ -279,7 +279,6 @@ module "karpenter" { | [default\_group\_volume\_size](#input\_default\_group\_volume\_size) | Size of the persistentence volume for the default group | `number` | `50` | no | | [eks\_managed\_node\_group\_defaults](#input\_eks\_managed\_node\_group\_defaults) | Map of EKS managed node group default configurations | `any` | 
{
  "create_iam_role": false,
  "disk_size": 50,
  "ebs_optimized": true,
  "enable_monitoring": true,
  "metadata_options": {
    "http_endpoint": "enabled",
    "http_put_response_hop_limit": 1,
    "http_tokens": "required",
    "instance_metadata_tags": "disabled"
  },
  "protect_from_scale_in": false,
  "update_launch_template_default_version": true
}
| no | | [eks\_managed\_node\_groups](#input\_eks\_managed\_node\_groups) | Map of EKS managed node group definitions to create | `any` | `{}` | no | -| [enable\_adot\_operator\_addon](#input\_enable\_adot\_operator\_addon) | If true, will install the Opentelemetry operator addon | `bool` | `false` | no | | [enable\_cluster\_windows\_support](#input\_enable\_cluster\_windows\_support) | Determines whether to create the amazon-vpc-cni configmap and windows worker roles into aws-auth. | `bool` | `false` | no | | [fargate\_cluster](#input\_fargate\_cluster) | Whether to create eks cluster with fargate mode. If true, default node group also will be fargate, otherwise managed | `bool` | `false` | no | | [fargate\_profile\_defaults](#input\_fargate\_profile\_defaults) | Map of Fargate Profile default configurations | `any` | `{}` | no | diff --git a/main.tf b/main.tf index 0da2a07c..58449a23 100644 --- a/main.tf +++ b/main.tf @@ -8,12 +8,6 @@ locals { ) ) : var.aws_auth_fargate_profile_pod_execution_role_arns - adot_addon = var.enable_adot_operator_addon ? { - adot = { - most_recent = true - preserve = true - } - } : {} } #tfsec:ignore:aws-eks-no-public-cluster-access-to-cidr #tfsec:ignore:aws-eks-no-public-cluster-access @@ -134,7 +128,6 @@ module "eks" { reserve = true } }, - local.adot_addon, var.cluster_addons, ) diff --git a/modules/essentials/README.md b/modules/essentials/README.md index 74a5bba7..190df531 100644 --- a/modules/essentials/README.md +++ b/modules/essentials/README.md @@ -95,6 +95,7 @@ module "eks_essentials" { | [aws_cloudwatch_event_target.node_termination_handler_spot](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource | | [aws_cloudwatch_log_group.aws_for_fluent_bit](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource | | [aws_ecr_pull_through_cache_rule.cache](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_pull_through_cache_rule) | resource | +| [aws_eks_addon.adot_operator](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) | resource | | [aws_iam_policy.ecr_cache](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | | [aws_iam_policy.fluent_bit_irsa](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | | [aws_iam_role_policy_attachment.worker_ecr_pullthrough](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | @@ -194,6 +195,7 @@ module "eks_essentials" { | [ecr\_pull\_through\_cache\_rules](#input\_ecr\_pull\_through\_cache\_rules) | ECR Pull Through Cache Rules | 
map(object({
    registry = string
    prefix   = string
  }))
| 
{
  "aws_public": {
    "prefix": "public.ecr.aws",
    "registry": "public.ecr.aws"
  },
  "kubernetes": {
    "prefix": "registry.k8s.io",
    "registry": "registry.k8s.io"
  },
  "quay": {
    "prefix": "quay.io",
    "registry": "quay.io"
  }
}
| no | | [extra\_args](#input\_extra\_args) | Extra arguments | `list(any)` | `[]` | no | | [extra\_env](#input\_extra\_env) | Extra environment variables | `list(any)` | `[]` | no | +| [fargate\_mix\_node\_groups](#input\_fargate\_mix\_node\_groups) | Deploying mix workloads as in EKS Manage Node Groups and Fragate Node Groups, set this to TRUE | `bool` | `false` | no | | [feature\_gates](#input\_feature\_gates) | Feature gates to enable on the pod | `list(any)` | `[]` | no | | [fluent\_bit\_enabled](#input\_fluent\_bit\_enabled) | Enable fluent-bit helm charts installation. | `bool` | `true` | no | | [fluent\_bit\_extra\_helm\_values](#input\_fluent\_bit\_extra\_helm\_values) | Helm values for extra configuration | `string` | `""` | no | @@ -221,7 +223,7 @@ module "eks_essentials" { | [log\_level](#input\_log\_level) | Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose. | `number` | `2` | no | | [metrics\_server\_enabled](#input\_metrics\_server\_enabled) | Enable metrics-server helm charts installation. | `bool` | `true` | no | | [metrics\_server\_helm\_config](#input\_metrics\_server\_helm\_config) | Helm provider config for Metrics Server. | `any` | `{}` | no | -| [metrics\_server\_helm\_config\_defaults](#input\_metrics\_server\_helm\_config\_defaults) | Helm provider default config for Metrics Server. | `any` | 
{
  "chart": "metrics-server",
  "description": "Metric server helm Chart deployment configuration",
  "name": "metrics-server",
  "namespace": "kube-system",
  "repository": "https://kubernetes-sigs.github.io/metrics-server/",
  "version": "3.10.0"
}
| no | +| [metrics\_server\_helm\_config\_defaults](#input\_metrics\_server\_helm\_config\_defaults) | Helm provider default config for Metrics Server. | `any` | 
{
  "chart": "metrics-server",
  "description": "Metric server helm Chart deployment configuration",
  "name": "metrics-server",
  "repository": "https://kubernetes-sigs.github.io/metrics-server/",
  "version": "3.10.0"
}
| no | | [mutating\_webhook\_configuration\_annotations](#input\_mutating\_webhook\_configuration\_annotations) | Optional additional annotations to add to the webhook MutatingWebhookConfiguration | `map(string)` | `{}` | no | | [namespaces](#input\_namespaces) | List of namespaces to create | 
list(object({
    name        = string
    description = optional(string)
  }))
| 
[
  {
    "description": "For core Kubernetes services",
    "name": "core"
  }
]
| no | | [node\_exporter\_enabled](#input\_node\_exporter\_enabled) | Enable prometheus-node-exporters helm charts installation. | `bool` | `true` | no | diff --git a/modules/essentials/adot.tf b/modules/essentials/adot.tf new file mode 100644 index 00000000..b8bad937 --- /dev/null +++ b/modules/essentials/adot.tf @@ -0,0 +1,9 @@ +resource "aws_eks_addon" "adot_operator" { + cluster_name = var.cluster_name + addon_name = "adot" + resolve_conflicts_on_update = "OVERWRITE" + + depends_on = [ + helm_release.cert_manager, + ] +} diff --git a/variables.tf b/variables.tf index 60628ee1..cf9674cd 100644 --- a/variables.tf +++ b/variables.tf @@ -118,12 +118,6 @@ variable "cluster_addons_timeouts" { default = {} } -variable "enable_adot_operator_addon" { - description = "If true, will install the Opentelemetry operator addon" - type = bool - default = false -} - ####################### # Cluster Networking ####################### From 654f135ee55455406e2036de031496d04285719a Mon Sep 17 00:00:00 2001 From: Poh Peng Date: Mon, 24 Jul 2023 17:18:42 +0800 Subject: [PATCH 2/8] remove resolve_conflicts_on_update --- modules/essentials/adot.tf | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/modules/essentials/adot.tf b/modules/essentials/adot.tf index b8bad937..a7c57201 100644 --- a/modules/essentials/adot.tf +++ b/modules/essentials/adot.tf @@ -1,7 +1,6 @@ resource "aws_eks_addon" "adot_operator" { - cluster_name = var.cluster_name - addon_name = "adot" - resolve_conflicts_on_update = "OVERWRITE" + cluster_name = var.cluster_name + addon_name = "adot" depends_on = [ helm_release.cert_manager, From 01066bc65789d14f88a9f2cc65a0bbcd124e08fe Mon Sep 17 00:00:00 2001 From: Poh Peng Date: Mon, 24 Jul 2023 17:41:54 +0800 Subject: [PATCH 3/8] Test versions v5 of AWS provider --- README.md | 4 ++-- versions.tf | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index d40ef6b3..599c13a3 100644 --- a/README.md +++ b/README.md @@ -198,14 +198,14 @@ module "karpenter" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 4.0 | +| [aws](#requirement\_aws) | >= 5.0 | | [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0 | +| [aws](#provider\_aws) | >= 5.0 | | [kubernetes](#provider\_kubernetes) | >= 2.10 | ## Modules diff --git a/versions.tf b/versions.tf index 2bc7d753..22940a39 100644 --- a/versions.tf +++ b/versions.tf @@ -3,7 +3,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0" + version = ">= 5.0" } # tflint-ignore: terraform_unused_required_providers kubernetes = { From f3a69e47591779b979834749bcc9456c94382ce6 Mon Sep 17 00:00:00 2001 From: Poh Peng Date: Tue, 25 Jul 2023 11:20:30 +0800 Subject: [PATCH 4/8] Update eks module upstream version and provider to v5 --- README.md | 2 +- main.tf | 16 ++++++++-------- modules/eks_managed_nodes/README.md | 6 +++--- modules/eks_managed_nodes/main.tf | 2 +- modules/eks_managed_nodes/versions.tf | 2 +- modules/essentials/README.md | 4 ++-- modules/essentials/versions.tf | 2 +- modules/fargate_profile/README.md | 6 +++--- modules/fargate_profile/main.tf | 2 +- modules/fargate_profile/versions.tf | 2 +- modules/karpenter/karpenter.tf | 2 +- modules/karpenter/versions.tf | 2 +- modules/self_managed_nodes/README.md | 6 +++--- modules/self_managed_nodes/main.tf | 2 +- modules/self_managed_nodes/versions.tf | 2 +- 15 files changed, 29 insertions(+), 29 deletions(-) diff --git a/README.md b/README.md index 599c13a3..78372e90 100644 --- a/README.md +++ b/README.md @@ -213,7 +213,7 @@ module "karpenter" { | Name | Source | Version | |------|--------|---------| | [ebs\_csi\_irsa\_role](#module\_ebs\_csi\_irsa\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | ~> 5.11.2 | -| [eks](#module\_eks) | terraform-aws-modules/eks/aws | ~> 19.10.0 | +| [eks](#module\_eks) | terraform-aws-modules/eks/aws | ~> 19.15.0 | | [fargate\_profiles](#module\_fargate\_profiles) | ./modules/fargate_profile | n/a | | [kms\_ebs](#module\_kms\_ebs) | SPHTech-Platform/kms/aws | ~> 0.1.0 | | [kms\_secret](#module\_kms\_secret) | SPHTech-Platform/kms/aws | ~> 0.1.0 | diff --git a/main.tf b/main.tf index 58449a23..4d09461f 100644 --- a/main.tf +++ b/main.tf @@ -15,7 +15,7 @@ locals { #tfsec:ignore:aws-eks-enable-control-plane-logging module "eks" { source = "terraform-aws-modules/eks/aws" - version = "~> 19.10.0" + version = "~> 19.15.0" cluster_name = var.cluster_name cluster_version = var.cluster_version @@ -96,15 +96,15 @@ module "eks" { service_account_role_arn = module.vpc_cni_irsa_role.iam_role_arn } aws-ebs-csi-driver = { - most_recent = true - reserve = true - resolve_conflicts = "OVERWRITE" - service_account_role_arn = module.ebs_csi_irsa_role.iam_role_arn + most_recent = true + reserve = true + resolve_conflicts_on_create = "OVERWRITE" + service_account_role_arn = module.ebs_csi_irsa_role.iam_role_arn } coredns = var.fargate_cluster ? { - most_recent = true - reserve = true - resolve_conflicts = "OVERWRITE" + most_recent = true + reserve = true + resolve_conflicts_on_create = "OVERWRITE" configuration_values = jsonencode({ computeType = "Fargate" # https://github.com/aws-ia/terraform-aws-eks-blueprints/pull/1329 diff --git a/modules/eks_managed_nodes/README.md b/modules/eks_managed_nodes/README.md index fe005bb5..2d4d9dd3 100644 --- a/modules/eks_managed_nodes/README.md +++ b/modules/eks_managed_nodes/README.md @@ -4,19 +4,19 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 4.0 | +| [aws](#requirement\_aws) | >= 5.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0 | +| [aws](#provider\_aws) | >= 5.0 | ## Modules | Name | Source | Version | |------|--------|---------| -| [eks\_managed\_node\_group](#module\_eks\_managed\_node\_group) | terraform-aws-modules/eks/aws//modules/eks-managed-node-group | ~> 19.10.0 | +| [eks\_managed\_node\_group](#module\_eks\_managed\_node\_group) | terraform-aws-modules/eks/aws//modules/eks-managed-node-group | ~> 19.15.0 | ## Resources diff --git a/modules/eks_managed_nodes/main.tf b/modules/eks_managed_nodes/main.tf index 061f0d13..7db6e601 100644 --- a/modules/eks_managed_nodes/main.tf +++ b/modules/eks_managed_nodes/main.tf @@ -53,7 +53,7 @@ locals { ################################################################################ module "eks_managed_node_group" { source = "terraform-aws-modules/eks/aws//modules/eks-managed-node-group" - version = "~> 19.10.0" + version = "~> 19.15.0" for_each = local.eks_managed_node_groups diff --git a/modules/eks_managed_nodes/versions.tf b/modules/eks_managed_nodes/versions.tf index b4912520..dd0ebb96 100644 --- a/modules/eks_managed_nodes/versions.tf +++ b/modules/eks_managed_nodes/versions.tf @@ -3,7 +3,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0" + version = ">= 5.0" } } } diff --git a/modules/essentials/README.md b/modules/essentials/README.md index 190df531..b75bb574 100644 --- a/modules/essentials/README.md +++ b/modules/essentials/README.md @@ -63,7 +63,7 @@ module "eks_essentials" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.3 | -| [aws](#requirement\_aws) | >= 4.0 | +| [aws](#requirement\_aws) | >= 5.0 | | [helm](#requirement\_helm) | >= 2.7 | | [kubernetes](#requirement\_kubernetes) | >= 2.10 | @@ -71,7 +71,7 @@ module "eks_essentials" { | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0 | +| [aws](#provider\_aws) | >= 5.0 | | [helm](#provider\_helm) | >= 2.7 | | [kubernetes](#provider\_kubernetes) | >= 2.10 | diff --git a/modules/essentials/versions.tf b/modules/essentials/versions.tf index ea3d86c3..d6c97a21 100644 --- a/modules/essentials/versions.tf +++ b/modules/essentials/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0" + version = ">= 5.0" } helm = { source = "hashicorp/helm" diff --git a/modules/fargate_profile/README.md b/modules/fargate_profile/README.md index 248169b9..05d37e24 100644 --- a/modules/fargate_profile/README.md +++ b/modules/fargate_profile/README.md @@ -59,21 +59,21 @@ module "fargate_profile" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 4.0 | +| [aws](#requirement\_aws) | >= 5.0 | | [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0 | +| [aws](#provider\_aws) | >= 5.0 | | [kubernetes](#provider\_kubernetes) | >= 2.10 | ## Modules | Name | Source | Version | |------|--------|---------| -| [fargate\_profile](#module\_fargate\_profile) | terraform-aws-modules/eks/aws//modules/fargate-profile | ~> 19.10.0 | +| [fargate\_profile](#module\_fargate\_profile) | terraform-aws-modules/eks/aws//modules/fargate-profile | ~> 19.15.0 | ## Resources diff --git a/modules/fargate_profile/main.tf b/modules/fargate_profile/main.tf index ba999ded..eef4a2a2 100644 --- a/modules/fargate_profile/main.tf +++ b/modules/fargate_profile/main.tf @@ -1,6 +1,6 @@ module "fargate_profile" { source = "terraform-aws-modules/eks/aws//modules/fargate-profile" - version = "~> 19.10.0" + version = "~> 19.15.0" for_each = var.fargate_profiles diff --git a/modules/fargate_profile/versions.tf b/modules/fargate_profile/versions.tf index 847bd964..15a66845 100644 --- a/modules/fargate_profile/versions.tf +++ b/modules/fargate_profile/versions.tf @@ -3,7 +3,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0" + version = ">= 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/karpenter/karpenter.tf b/modules/karpenter/karpenter.tf index 64ac9186..dc5d2523 100644 --- a/modules/karpenter/karpenter.tf +++ b/modules/karpenter/karpenter.tf @@ -1,6 +1,6 @@ module "karpenter" { source = "terraform-aws-modules/eks/aws//modules/karpenter" - version = "~> 19.10.0" + version = "~> 19.15.0" count = var.autoscaling_mode == "karpenter" ? 1 : 0 diff --git a/modules/karpenter/versions.tf b/modules/karpenter/versions.tf index 5873aab4..3e7a3f3f 100644 --- a/modules/karpenter/versions.tf +++ b/modules/karpenter/versions.tf @@ -12,7 +12,7 @@ terraform { } aws = { source = "hashicorp/aws" - version = ">= 4.0" + version = ">= 5.0" } } } diff --git a/modules/self_managed_nodes/README.md b/modules/self_managed_nodes/README.md index d5a1f794..d4f5f16a 100644 --- a/modules/self_managed_nodes/README.md +++ b/modules/self_managed_nodes/README.md @@ -39,21 +39,21 @@ the type of images: | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 4.0 | +| [aws](#requirement\_aws) | >= 5.0 | | [time](#requirement\_time) | >= 0.7 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0 | +| [aws](#provider\_aws) | >= 5.0 | | [time](#provider\_time) | >= 0.7 | ## Modules | Name | Source | Version | |------|--------|---------| -| [self\_managed\_group](#module\_self\_managed\_group) | terraform-aws-modules/eks/aws//modules/self-managed-node-group | ~> 19.10.0 | +| [self\_managed\_group](#module\_self\_managed\_group) | terraform-aws-modules/eks/aws//modules/self-managed-node-group | ~> 19.15.0 | ## Resources diff --git a/modules/self_managed_nodes/main.tf b/modules/self_managed_nodes/main.tf index 34f3ce38..89079971 100644 --- a/modules/self_managed_nodes/main.tf +++ b/modules/self_managed_nodes/main.tf @@ -57,7 +57,7 @@ locals { module "self_managed_group" { source = "terraform-aws-modules/eks/aws//modules/self-managed-node-group" - version = "~> 19.10.0" + version = "~> 19.15.0" for_each = local.self_managed_node_groups diff --git a/modules/self_managed_nodes/versions.tf b/modules/self_managed_nodes/versions.tf index 8068305d..54d9fe2f 100644 --- a/modules/self_managed_nodes/versions.tf +++ b/modules/self_managed_nodes/versions.tf @@ -3,7 +3,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0" + version = ">= 5.0" } time = { source = "hashicorp/time" From f928739bbdd2240ea5e36aaada16702adb966c95 Mon Sep 17 00:00:00 2001 From: Poh Peng Date: Tue, 25 Jul 2023 11:23:32 +0800 Subject: [PATCH 5/8] Set extra flag to create cluster sec group properly --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 4d09461f..cf160233 100644 --- a/main.tf +++ b/main.tf @@ -35,7 +35,7 @@ module "eks" { cluster_security_group_name = coalesce(var.cluster_security_group_name, var.cluster_name) cluster_security_group_description = "EKS Cluster ${var.cluster_name} Master" cluster_security_group_additional_rules = merge( - var.create_cluster_security_group ? + var.create_cluster_security_group && var.create_node_security_group ? { egress_nodes_ephemeral_ports_tcp = { description = "To node 1025-65535" From efb13a2e83384364be69975d91989373c2c13c3e Mon Sep 17 00:00:00 2001 From: Poh Peng Date: Tue, 25 Jul 2023 12:17:33 +0800 Subject: [PATCH 6/8] Set flags to create source node sec group conditionally --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index cf160233..f2738a1c 100644 --- a/main.tf +++ b/main.tf @@ -43,7 +43,7 @@ module "eks" { from_port = 1025 to_port = 65535 type = "egress" - source_node_security_group = true + source_node_security_group = var.create_node_security_group } } : {} , var.cluster_security_group_additional_rules) From a5e8c569b155e67f72c003861a8eabc73a01bdaa Mon Sep 17 00:00:00 2001 From: Poh Peng Date: Tue, 25 Jul 2023 21:35:56 +0800 Subject: [PATCH 7/8] change to v4 because upstream still at 4.47 --- README.md | 4 ++-- modules/eks_managed_nodes/README.md | 4 ++-- modules/eks_managed_nodes/versions.tf | 2 +- modules/essentials/README.md | 4 ++-- modules/essentials/versions.tf | 2 +- modules/fargate_profile/README.md | 4 ++-- modules/fargate_profile/versions.tf | 2 +- modules/karpenter/versions.tf | 2 +- modules/self_managed_nodes/README.md | 4 ++-- modules/self_managed_nodes/versions.tf | 2 +- versions.tf | 2 +- 11 files changed, 16 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 78372e90..c403dfbe 100644 --- a/README.md +++ b/README.md @@ -198,14 +198,14 @@ module "karpenter" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 5.0 | +| [aws](#requirement\_aws) | >= 4.47 | | [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 5.0 | +| [aws](#provider\_aws) | >= 4.47 | | [kubernetes](#provider\_kubernetes) | >= 2.10 | ## Modules diff --git a/modules/eks_managed_nodes/README.md b/modules/eks_managed_nodes/README.md index 2d4d9dd3..cce5f376 100644 --- a/modules/eks_managed_nodes/README.md +++ b/modules/eks_managed_nodes/README.md @@ -4,13 +4,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 5.0 | +| [aws](#requirement\_aws) | >= 4.47 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 5.0 | +| [aws](#provider\_aws) | >= 4.47 | ## Modules diff --git a/modules/eks_managed_nodes/versions.tf b/modules/eks_managed_nodes/versions.tf index dd0ebb96..08e55dc0 100644 --- a/modules/eks_managed_nodes/versions.tf +++ b/modules/eks_managed_nodes/versions.tf @@ -3,7 +3,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.0" + version = ">= 4.47" } } } diff --git a/modules/essentials/README.md b/modules/essentials/README.md index b75bb574..4a42170e 100644 --- a/modules/essentials/README.md +++ b/modules/essentials/README.md @@ -63,7 +63,7 @@ module "eks_essentials" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.3 | -| [aws](#requirement\_aws) | >= 5.0 | +| [aws](#requirement\_aws) | >= 4.47 | | [helm](#requirement\_helm) | >= 2.7 | | [kubernetes](#requirement\_kubernetes) | >= 2.10 | @@ -71,7 +71,7 @@ module "eks_essentials" { | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 5.0 | +| [aws](#provider\_aws) | >= 4.47 | | [helm](#provider\_helm) | >= 2.7 | | [kubernetes](#provider\_kubernetes) | >= 2.10 | diff --git a/modules/essentials/versions.tf b/modules/essentials/versions.tf index d6c97a21..6a1b9d6f 100644 --- a/modules/essentials/versions.tf +++ b/modules/essentials/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.0" + version = ">= 4.47" } helm = { source = "hashicorp/helm" diff --git a/modules/fargate_profile/README.md b/modules/fargate_profile/README.md index 05d37e24..a7320a8f 100644 --- a/modules/fargate_profile/README.md +++ b/modules/fargate_profile/README.md @@ -59,14 +59,14 @@ module "fargate_profile" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 5.0 | +| [aws](#requirement\_aws) | >= 4.47 | | [kubernetes](#requirement\_kubernetes) | >= 2.10 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 5.0 | +| [aws](#provider\_aws) | >= 4.47 | | [kubernetes](#provider\_kubernetes) | >= 2.10 | ## Modules diff --git a/modules/fargate_profile/versions.tf b/modules/fargate_profile/versions.tf index 15a66845..8da9820b 100644 --- a/modules/fargate_profile/versions.tf +++ b/modules/fargate_profile/versions.tf @@ -3,7 +3,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.0" + version = ">= 4.47" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/karpenter/versions.tf b/modules/karpenter/versions.tf index 3e7a3f3f..5c4cc3ad 100644 --- a/modules/karpenter/versions.tf +++ b/modules/karpenter/versions.tf @@ -12,7 +12,7 @@ terraform { } aws = { source = "hashicorp/aws" - version = ">= 5.0" + version = ">= 4.47" } } } diff --git a/modules/self_managed_nodes/README.md b/modules/self_managed_nodes/README.md index d4f5f16a..494e7a17 100644 --- a/modules/self_managed_nodes/README.md +++ b/modules/self_managed_nodes/README.md @@ -39,14 +39,14 @@ the type of images: | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 5.0 | +| [aws](#requirement\_aws) | >= 4.47 | | [time](#requirement\_time) | >= 0.7 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 5.0 | +| [aws](#provider\_aws) | >= 4.47 | | [time](#provider\_time) | >= 0.7 | ## Modules diff --git a/modules/self_managed_nodes/versions.tf b/modules/self_managed_nodes/versions.tf index 54d9fe2f..9d0258d6 100644 --- a/modules/self_managed_nodes/versions.tf +++ b/modules/self_managed_nodes/versions.tf @@ -3,7 +3,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.0" + version = ">= 4.47" } time = { source = "hashicorp/time" diff --git a/versions.tf b/versions.tf index 22940a39..8f082ec7 100644 --- a/versions.tf +++ b/versions.tf @@ -3,7 +3,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.0" + version = ">= 4.47" } # tflint-ignore: terraform_unused_required_providers kubernetes = { From cac8aebf1b676de319ba1d9592ee0d03d65a33d6 Mon Sep 17 00:00:00 2001 From: Poh Peng Date: Wed, 26 Jul 2023 11:26:00 +0800 Subject: [PATCH 8/8] Revert to reflect same as upstream --- main.tf | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/main.tf b/main.tf index f2738a1c..72c99442 100644 --- a/main.tf +++ b/main.tf @@ -96,15 +96,15 @@ module "eks" { service_account_role_arn = module.vpc_cni_irsa_role.iam_role_arn } aws-ebs-csi-driver = { - most_recent = true - reserve = true - resolve_conflicts_on_create = "OVERWRITE" - service_account_role_arn = module.ebs_csi_irsa_role.iam_role_arn + most_recent = true + reserve = true + resolve_conflicts = "OVERWRITE" + service_account_role_arn = module.ebs_csi_irsa_role.iam_role_arn } coredns = var.fargate_cluster ? { - most_recent = true - reserve = true - resolve_conflicts_on_create = "OVERWRITE" + most_recent = true + reserve = true + resolve_conflicts = "OVERWRITE" configuration_values = jsonencode({ computeType = "Fargate" # https://github.com/aws-ia/terraform-aws-eks-blueprints/pull/1329