From b4756a57f7af7c6c8acb9404c640ef5946eb0585 Mon Sep 17 00:00:00 2001
From: ccantoni <ccantoni@secureauth.com>
Date: Tue, 10 Jul 2018 10:40:49 -0400
Subject: [PATCH 1/3] Updating heptio-authenticator-aws to
 aws-iam-authenticator since the heptio project was moved and renamed.

---
 .gitignore   | 1 +
 README.md    | 4 ++--
 main.tf      | 2 +-
 variables.tf | 2 +-
 4 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/.gitignore b/.gitignore
index e787fbf..8382e2a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -11,3 +11,4 @@ kubeconfig
 config-map-aws-auth.yaml
 eks-admin-cluster-role-binding.yaml
 eks-admin-service-account.yaml
+.idea/
diff --git a/README.md b/README.md
index 38fac85..0ed4f32 100644
--- a/README.md
+++ b/README.md
@@ -15,7 +15,7 @@ Read the [AWS docs on EKS to get connected to the k8s dashboard](https://docs.aw
 * You want to create an EKS cluster and an autoscaling group of workers for the cluster.
 * You want these resources to exist within security groups that allow communication and coordination. These can be user provided or created within the module.
 * You've created a Virtual Private Cloud (VPC) and subnets where you intend to put the EKS resources.
-* If using the default variable value (`true`) for `configure_kubectl_session`, it's required that both [`kubectl`](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl) (>=1.10) and [`heptio-authenticator-aws`](https://github.com/heptio/authenticator#4-set-up-kubectl-to-use-heptio-authenticator-for-aws-tokens) are installed and on your shell's PATH.
+* If using the default variable value (`true`) for `configure_kubectl_session`, it's required that both [`kubectl`](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl) (>=1.10) and [`aws-iam-authenticator`](https://github.com/kubernetes-sigs/aws-iam-authenticator#4-set-up-kubectl-to-use-authentication-tokens-provided-by-aws-iam-authenticator-for-kubernetes) are installed and on your shell's PATH.
 
 ## Usage example
 
@@ -100,7 +100,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | config_output_path | Determines where config files are placed if using configure_kubectl_session and you want config files to land outside the current working directory. | string | `./` | no |
 | configure_kubectl_session | Configure the current session's kubectl to use the instantiated EKS cluster. | string | `true` | no |
 | kubeconfig_aws_authenticator_additional_args | Any additional arguments to pass to the authenticator such as the role to assume ["-r", "MyEksRole"] | string | `<list>` | no |
-| kubeconfig_aws_authenticator_command | Command to use to to fetch AWS EKS credentials | string | `heptio-authenticator-aws` | no |
+| kubeconfig_aws_authenticator_command | Command to use to to fetch AWS EKS credentials | string | `aws-iam-authenticator` | no |
 | kubeconfig_aws_authenticator_env_variables | Environment variables that should be used when executing the authenticator i.e. { AWS_PROFILE = "eks"} | string | `<map>` | no |
 | kubeconfig_name | Override the default name used for items kubeconfig. | string | `` | no |
 | subnets | A list of subnets to place the EKS cluster and workers within. | list | - | yes |
diff --git a/main.tf b/main.tf
index 7c2f06b..085c0c4 100644
--- a/main.tf
+++ b/main.tf
@@ -16,7 +16,7 @@
 ** You want to create an EKS cluster and an autoscaling group of workers for the cluster.
 ** You want these resources to exist within security groups that allow communication and coordination. These can be user provided or created within the module.
 ** You've created a Virtual Private Cloud (VPC) and subnets where you intend to put the EKS resources.
-** If using the default variable value (`true`) for `configure_kubectl_session`, it's required that both [`kubectl`](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl) (>=1.10) and [`heptio-authenticator-aws`](https://github.com/heptio/authenticator#4-set-up-kubectl-to-use-heptio-authenticator-for-aws-tokens) are installed and on your shell's PATH.
+** If using the default variable value (`true`) for `configure_kubectl_session`, it's required that both [`kubectl`](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl) (>=1.10) and [`aws-iam-authenticator`](https://github.com/kubernetes-sigs/aws-iam-authenticator#4-set-up-kubectl-to-use-authentication-tokens-provided-by-aws-iam-authenticator-for-kubernetes) are installed and on your shell's PATH.
 
 * ## Usage example
 
diff --git a/variables.tf b/variables.tf
index 1302a48..41b04e7 100644
--- a/variables.tf
+++ b/variables.tf
@@ -82,7 +82,7 @@ variable "worker_sg_ingress_from_port" {
 
 variable "kubeconfig_aws_authenticator_command" {
   description = "Command to use to to fetch AWS EKS credentials"
-  default     = "heptio-authenticator-aws"
+  default     = "aws-iam-authenticator"
 }
 
 variable "kubeconfig_aws_authenticator_additional_args" {

From 46ad6259ce79ff846c564e4420f4a26ac3c27547 Mon Sep 17 00:00:00 2001
From: Igor Borodin <mood@cyberarena.tv>
Date: Wed, 11 Jul 2018 11:32:09 +0300
Subject: [PATCH 2/3] Adding worker_iam_role_arn to module outputs

---
 outputs.tf | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/outputs.tf b/outputs.tf
index 9f5a16f..bda7bf0 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -53,3 +53,8 @@ output "worker_iam_role_name" {
   description = "IAM role name attached to EKS workers"
   value       = "${aws_iam_role.workers.name}"
 }
+
+output "worker_iam_role_arn" {
+  description = "IAM role ID attached to EKS workers"
+  value       = "${aws_iam_role.workers.arn}"
+}

From 72a40c7d4e74e8d5fb3e88a0338429f0c3b5c5ba Mon Sep 17 00:00:00 2001
From: Igor Borodin <mood@cyberarena.tv>
Date: Wed, 11 Jul 2018 11:38:27 +0300
Subject: [PATCH 3/3] Updating docs and changelog

---
 CHANGELOG.md | 1 +
 README.md    | 1 +
 2 files changed, 2 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2b2d754..b913efb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,7 @@ project adheres to [Semantic Versioning](http://semver.org/).
 ### Added
 
 - kubelet_node_labels worker group option allows setting --node-labels= in kubelet. (Hat-tip, @bshelton229 👒)
+- `worker_iam_role_arn` added to outputs. Sweet, @hatemosphere 🔥
 
 ### Changed
 
diff --git a/README.md b/README.md
index 900e048..15e3872 100644
--- a/README.md
+++ b/README.md
@@ -126,5 +126,6 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | config_map_aws_auth | A kubernetes configuration to authenticate to this EKS cluster. |
 | kubeconfig | kubectl config file contents for this EKS cluster. |
 | worker_iam_role_name | IAM role name attached to EKS workers |
+| worker_iam_role_arn | IAM role ID attached to EKS workers |
 | worker_security_group_id | Security group ID attached to the EKS workers. |
 | workers_asg_arns | IDs of the autoscaling groups containing workers. |