feat: Add output for cluster TLS certificate SHA1 fingerprint and provider tags to cluster primary security group (#2249)

2026-03-22 01:19:05 +01:00 · 2022-09-29 15:34:20 -04:00
parent 3200006825
commit a74e98017b
15 changed files with 44 additions and 3 deletions
--- a/main.tf
+++ b/main.tf
@@ -1,5 +1,6 @@
 data "aws_partition" "current" {}
 data "aws_caller_identity" "current" {}
+data "aws_default_tags" "current" {}

 locals {
  create = var.create && var.putin_khuylo
@@ -66,7 +67,10 @@ resource "aws_ec2_tag" "cluster_primary_security_group" {
  # This should not affect the name of the cluster primary security group
  # Ref: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/2006
  # Ref: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/2008
-  for_each = { for k, v in merge(var.tags, var.cluster_tags) : k => v if local.create && k != "Name" && var.create_cluster_primary_security_group_tags }
+  # `aws_default_tags` is merged in to "dedupe" tags and stabilize tag updates
+  for_each = { for k, v in merge(var.tags, var.cluster_tags, data.aws_default_tags.current.tags) :
+    k => v if local.create && k != "Name" && var.create_cluster_primary_security_group_tags
+  }

  resource_id = aws_eks_cluster.this[0].vpc_config[0].cluster_security_group_id
  key         = each.key