use default_iam_role_id interpolation for aws_iam_instance_profile (#489)

2026-03-29 21:51:51 +02:00 · 2019-09-11 18:25:33 +02:00
parent 2254ab709e
commit 4264a5fe6e
5 changed files with 39 additions and 38 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -27,6 +27,7 @@ project adheres to [Semantic Versioning](http://semver.org/).
 - Removed historical mention of adding caller's IPv4 to cluster security group (by @dpiddockcmp)
 - Wrapped `kubelet_extra_args` in double quotes instead of singe quotes (by @nxf5025)
 - Write your awesome change here (by @you)
 - Make terraform plan more consistent and avoid unnecessary "(known after apply)" (by @barryib)
 # History
--- a/local.tf
+++ b/local.tf
@@ -14,41 +14,41 @@ locals {
  worker_group_launch_template_mixed_count = length(var.worker_groups_launch_template_mixed)
  workers_group_defaults_defaults = {
-    name                          = "count.index"              # Name of the worker group. Literal count.index will never be used but if name is not set, the count.index interpolation will be used.
+    name                          = "count.index"               # Name of the worker group. Literal count.index will never be used but if name is not set, the count.index interpolation will be used.
-    tags                          = []                         # A list of map defining extra tags to be applied to the worker group ASG.
+    tags                          = []                          # A list of map defining extra tags to be applied to the worker group ASG.
-    ami_id                        = data.aws_ami.eks_worker.id # AMI ID for the eks workers. If none is provided, Terraform will search for the latest version of their EKS optimized worker AMI.
+    ami_id                        = data.aws_ami.eks_worker.id  # AMI ID for the eks workers. If none is provided, Terraform will search for the latest version of their EKS optimized worker AMI.
-    asg_desired_capacity          = "1"                        # Desired worker capacity in the autoscaling group.
+    asg_desired_capacity          = "1"                         # Desired worker capacity in the autoscaling group.
-    asg_max_size                  = "3"                        # Maximum worker capacity in the autoscaling group.
+    asg_max_size                  = "3"                         # Maximum worker capacity in the autoscaling group.
-    asg_min_size                  = "1"                        # Minimum worker capacity in the autoscaling group.
+    asg_min_size                  = "1"                         # Minimum worker capacity in the autoscaling group.
-    asg_force_delete              = false                      # Enable forced deletion for the autoscaling group.
+    asg_force_delete              = false                       # Enable forced deletion for the autoscaling group.
-    asg_initial_lifecycle_hooks   = []                         # Initital lifecycle hook for the autoscaling group.
+    asg_initial_lifecycle_hooks   = []                          # Initital lifecycle hook for the autoscaling group.
-    asg_recreate_on_change        = false                      # Recreate the autoscaling group when LT or LC change.
+    asg_recreate_on_change        = false                       # Recreate the autoscaling group when LT or LC change.
-    instance_type                 = "m4.large"                 # Size of the workers instances.
+    instance_type                 = "m4.large"                  # Size of the workers instances.
-    spot_price                    = ""                         # Cost of spot instance.
+    spot_price                    = ""                          # Cost of spot instance.
-    placement_tenancy             = ""                         # The tenancy of the instance. Valid values are "default" or "dedicated".
+    placement_tenancy             = ""                          # The tenancy of the instance. Valid values are "default" or "dedicated".
-    root_volume_size              = "100"                      # root volume size of workers instances.
+    root_volume_size              = "100"                       # root volume size of workers instances.
-    root_volume_type              = "gp2"                      # root volume type of workers instances, can be 'standard', 'gp2', or 'io1'
+    root_volume_type              = "gp2"                       # root volume type of workers instances, can be 'standard', 'gp2', or 'io1'
-    root_iops                     = "0"                        # The amount of provisioned IOPS. This must be set with a volume_type of "io1".
+    root_iops                     = "0"                         # The amount of provisioned IOPS. This must be set with a volume_type of "io1".
-    key_name                      = ""                         # The key name that should be used for the instances in the autoscaling group
+    key_name                      = ""                          # The key name that should be used for the instances in the autoscaling group
-    pre_userdata                  = ""                         # userdata to pre-append to the default userdata.
+    pre_userdata                  = ""                          # userdata to pre-append to the default userdata.
-    bootstrap_extra_args          = ""                         # Extra arguments passed to the bootstrap.sh script from the EKS AMI.
+    bootstrap_extra_args          = ""                          # Extra arguments passed to the bootstrap.sh script from the EKS AMI.
-    additional_userdata           = ""                         # userdata to append to the default userdata.
+    additional_userdata           = ""                          # userdata to append to the default userdata.
-    ebs_optimized                 = true                       # sets whether to use ebs optimization on supported types.
+    ebs_optimized                 = true                        # sets whether to use ebs optimization on supported types.
-    enable_monitoring             = true                       # Enables/disables detailed monitoring.
+    enable_monitoring             = true                        # Enables/disables detailed monitoring.
-    public_ip                     = false                      # Associate a public ip address with a worker
+    public_ip                     = false                       # Associate a public ip address with a worker
-    kubelet_extra_args            = ""                         # This string is passed directly to kubelet if set. Useful for adding labels or taints.
+    kubelet_extra_args            = ""                          # This string is passed directly to kubelet if set. Useful for adding labels or taints.
-    subnets                       = var.subnets                # A list of subnets to place the worker nodes in. i.e. ["subnet-123", "subnet-456", "subnet-789"]
+    subnets                       = var.subnets                 # A list of subnets to place the worker nodes in. i.e. ["subnet-123", "subnet-456", "subnet-789"]
-    autoscaling_enabled           = false                      # Sets whether policy and matching tags will be added to allow autoscaling.
+    autoscaling_enabled           = false                       # Sets whether policy and matching tags will be added to allow autoscaling.
-    additional_security_group_ids = []                         # A list of additional security group ids to include in worker launch config
+    additional_security_group_ids = []                          # A list of additional security group ids to include in worker launch config
-    protect_from_scale_in         = false                      # Prevent AWS from scaling in, so that cluster-autoscaler is solely responsible.
+    protect_from_scale_in         = false                       # Prevent AWS from scaling in, so that cluster-autoscaler is solely responsible.
-    iam_instance_profile_name     = ""                         # A custom IAM instance profile name. Used when manage_worker_iam_resources is set to false. Incompatible with iam_role_id.
+    iam_instance_profile_name     = ""                          # A custom IAM instance profile name. Used when manage_worker_iam_resources is set to false. Incompatible with iam_role_id.
-    iam_role_id                   = local.default_iam_role_id  # A custom IAM role id. Incompatible with iam_instance_profile_name.
+    iam_role_id                   = "local.default_iam_role_id" # A custom IAM role id. Incompatible with iam_instance_profile_name.  Literal local.default_iam_role_id will never be used but if iam_role_id is not set, the local.default_iam_role_id interpolation will be used.
-    suspended_processes           = ["AZRebalance"]            # A list of processes to suspend. i.e. ["AZRebalance", "HealthCheck", "ReplaceUnhealthy"]
+    suspended_processes           = ["AZRebalance"]             # A list of processes to suspend. i.e. ["AZRebalance", "HealthCheck", "ReplaceUnhealthy"]
-    target_group_arns             = []                         # A list of ALB target group ARNs to be associated to the ASG
+    target_group_arns             = []                          # A list of ALB target group ARNs to be associated to the ASG
-    enabled_metrics               = []                         # A list of metrics to be collected i.e. ["GroupMinSize", "GroupMaxSize", "GroupDesiredCapacity"]
+    enabled_metrics               = []                          # A list of metrics to be collected i.e. ["GroupMinSize", "GroupMaxSize", "GroupDesiredCapacity"]
-    placement_group               = ""                         # The name of the placement group into which to launch the instances, if any.
+    placement_group               = ""                          # The name of the placement group into which to launch the instances, if any.
-    service_linked_role_arn       = ""                         # Arn of custom service linked role that Auto Scaling group will use. Useful when you have encrypted EBS
+    service_linked_role_arn       = ""                          # Arn of custom service linked role that Auto Scaling group will use. Useful when you have encrypted EBS
-    termination_policies          = []                         # A list of policies to decide how the instances in the auto scale group should be terminated.
+    termination_policies          = []                          # A list of policies to decide how the instances in the auto scale group should be terminated.
    # Settings for launch templates
    root_block_device_name            = data.aws_ami.eks_worker.root_device_name # Root device name for workers. If non is provided, will assume default AMI was used.
    root_kms_key_id                   = ""                                       # The KMS key to use when encrypting the root storage device
--- a/workers.tf
+++ b/workers.tf
@@ -328,7 +328,7 @@ resource "aws_iam_instance_profile" "workers" {
  role = lookup(
    var.worker_groups[count.index],
    "iam_role_id",
-    local.workers_group_defaults["iam_role_id"],
+    local.default_iam_role_id,
  )
  path = var.iam_path
--- a/workers_launch_template.tf
+++ b/workers_launch_template.tf
@@ -339,7 +339,7 @@ resource "aws_iam_instance_profile" "workers_launch_template" {
  role = lookup(
    var.worker_groups_launch_template[count.index],
    "iam_role_id",
-    local.workers_group_defaults["iam_role_id"],
+    local.default_iam_role_id,
  )
  path = var.iam_path
 }
--- a/workers_launch_template_mixed.tf
+++ b/workers_launch_template_mixed.tf
@@ -382,7 +382,7 @@ resource "aws_iam_instance_profile" "workers_launch_template_mixed" {
  role = lookup(
    var.worker_groups_launch_template_mixed[count.index],
    "iam_role_id",
-    local.workers_group_defaults["iam_role_id"],
+    local.default_iam_role_id,
  )
  path = var.iam_path
 }