From 236cb71239ddbb6ee4c1efcc764b36f719064a86 Mon Sep 17 00:00:00 2001
From: Eduardo Rodrigues <eduardomourar@users.noreply.github.com>
Date: Wed, 27 May 2020 23:22:11 +0200
Subject: [PATCH] deal with boolean properly in resource config

---
 .../lib/cluster-resource-handler/cluster.ts   | 13 +++++++++---
 .../lib/cluster-resource-handler/common.ts    | 21 +++++++++++++++++++
 2 files changed, 31 insertions(+), 3 deletions(-)

diff --git a/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/cluster.ts b/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/cluster.ts
index 5fc1c0afdcde2..c103fa5f06e9b 100644
--- a/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/cluster.ts
+++ b/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/cluster.ts
@@ -131,11 +131,18 @@ export class ClusterResourceHandler extends ResourceHandler {
     }
 
     if (updates.updateLogging || updates.updateAccess) {
-      const updateResponse = await this.eks.updateClusterConfig({
+      const config: aws.EKS.UpdateClusterConfigRequest = {
         name: this.clusterName,
         logging: this.newProps.logging,
-        resourcesVpcConfig: this.newProps.resourcesVpcConfig,
-      });
+      };
+      if (updates.updateAccess) {
+        config.resourcesVpcConfig = {
+          endpointPrivateAccess: this.newProps.resourcesVpcConfig.endpointPrivateAccess,
+          endpointPublicAccess: this.newProps.resourcesVpcConfig.endpointPublicAccess,
+          publicAccessCidrs: this.newProps.resourcesVpcConfig.publicAccessCidrs,
+        }
+      }
+      const updateResponse = await this.eks.updateClusterConfig(config);
 
       return { EksUpdateId: updateResponse.update?.id };
     }
diff --git a/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/common.ts b/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/common.ts
index 57d3ae20f8cef..014435dd8e986 100644
--- a/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/common.ts
+++ b/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/common.ts
@@ -14,6 +14,23 @@ export interface EksUpdateId {
 
 export type ResourceEvent = AWSLambda.CloudFormationCustomResourceEvent & EksUpdateId;
 
+
+/**
+ * Decodes encoded true/false values
+ */
+function decodeBooleans(object: object) {
+  return JSON.parse(JSON.stringify(object), (_k, v) => {
+    switch (v) {
+      case 'TRUE:BOOLEAN':
+        return true;
+      case 'FALSE:BOOLEAN':
+        return false;
+      default:
+        return v;
+    }
+  });
+}
+
 export abstract class ResourceHandler {
   protected readonly requestId: string;
   protected readonly logicalResourceId: string;
@@ -33,6 +50,10 @@ export abstract class ResourceHandler {
       throw new Error('AssumeRoleArn must be provided');
     }
 
+    if (event.ResourceProperties.Config) {
+      this.event.ResourceProperties.Config = decodeBooleans(event.ResourceProperties.Config);
+    }
+
     eks.configureAssumeRole({
       RoleArn: roleToAssume,
       RoleSessionName: `AWSCDK.EKSCluster.${this.requestType}.${this.requestId}`,