From b5ae5daa39f8380dc21c9ef1daff22242930692e Mon Sep 17 00:00:00 2001
From: Bryant Biggs <bryantbiggs@gmail.com>
Date: Tue, 12 Apr 2022 04:36:03 -0400
Subject: [PATCH] fix: Avoid re-naming the primary security group through a
 `Name` tag and leave to the EKS service to manage (#2010)

---
 examples/eks_managed_node_group/main.tf | 7 +++++++
 main.tf                                 | 5 ++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/examples/eks_managed_node_group/main.tf b/examples/eks_managed_node_group/main.tf
index 3b988fe..308f05a 100644
--- a/examples/eks_managed_node_group/main.tf
+++ b/examples/eks_managed_node_group/main.tf
@@ -67,6 +67,13 @@ module "eks" {
     resources        = ["secrets"]
   }]
 
+  cluster_tags = {
+    # This should not affect the name of the cluster primary security group
+    # Ref: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/2006
+    # Ref: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/2008
+    Name = local.name
+  }
+
   vpc_id     = module.vpc.vpc_id
   subnet_ids = module.vpc.private_subnets
 
diff --git a/main.tf b/main.tf
index bcd864f..9e7d081 100644
--- a/main.tf
+++ b/main.tf
@@ -60,7 +60,10 @@ resource "aws_eks_cluster" "this" {
 }
 
 resource "aws_ec2_tag" "cluster_primary_security_group" {
-  for_each = { for k, v in merge(var.tags, var.cluster_tags) : k => v if local.create }
+  # This should not affect the name of the cluster primary security group
+  # Ref: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/2006
+  # Ref: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/2008
+  for_each = { for k, v in merge(var.tags, var.cluster_tags) : k => v if local.create && k != "Name" }
 
   resource_id = aws_eks_cluster.this[0].vpc_config[0].cluster_security_group_id
   key         = each.key