Removed EC2 type from condition so policy attachement for access entry can be done for EC2 type for creating access entry for Node role.
While Creating Access entry for Self managed node role, we were getting below error as it seems EC2 type is included in exception for policy attachment. Once I removed EC2 from exception condition, it started picking up Policy attachment and Access Entry got created.
│ Error: Unsupported attribute
│
│ on .terraform/modules/eks/main.tf line 289, in resource "aws_eks_access_policy_association" "this":
│ 289: policy_arn = each.value.association_policy_arn
│ ├────────────────
│ │ each.value is object with 3 attributes
│
│ This object does not have an attribute named "association_policy_arn".
* feat: Add support for EKS hybrid nodes
* feat: Add support for EKS Auto Mode
* chore: Update test directory names
* chore: Clean up examples and tests
* fix: Clean up and last minute changes for GA
* chore: Formatting
* chore: Bump min required version for new features
* fix: Corrects from test/validation on existing clusters
* feat: Add policy for custom tags on EKS Auto Mode, validate examples
* chore: Expand on `CAM` acronym
* chore: Update README to match examples
* feat: Replace `resolve_conflicts` with `resolve_conflicts_on_create`/`delete`; raise MSV of AWS provider to `v5.0` to support
* fix: Replace dynamic DNS suffix for `sts:AssumeRole` API calls for static suffix
* feat: Add module tag
* feat: Align Karpenter permissions with Karpenter v1beta1/v0.32 permissions from upstream
* refactor: Move `aws-auth` ConfigMap functionality to its own sub-module
* chore: Update examples
* feat: Add state `moved` block for Karpenter Pod Identity role re-name
* fix: Correct variable `create` description
* feat: Add support for cluster access entries
* chore: Bump MSV of Terraform to `1.3`
* fix: Replace defunct kubectl provider with an updated forked equivalent
* chore: Update and validate examples for access entry; clean up provider usage
* docs: Correct double redundant variable descriptions
* feat: Add support for Cloudwatch log group class argument
* fix: Update usage tag placement, fix Karpenter event spelling, add upcoming changes section to upgrade guide
* feat: Update Karpenter module to generalize naming used and align policy with the upstream Karpenter policy
* feat: Add native support for Windows based managed nodegroups similar to AL2 and Bottlerocket
* feat: Update self-managed nodegroup module to use latest features of ASG
* docs: Update and simplify docs
* fix: Correct variable description for AMI types
* fix: Update upgrade guide with changes; rename Karpenter controller resource names to support migrating for users
* docs: Complete upgrade guide docs for migration and changes applied
* Update examples/karpenter/README.md
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
* Update examples/outposts/README.md
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
* Update modules/karpenter/README.md
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
---------
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
* fix: Allow OIDC root CA thumbprint to be included/excluded
* chore: Consolidate conditional logic within local conditional
---------
Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
* fix: Disable creation of cluster security group rules that map to node security group when `create_node_security_group` = `false`
* feat: Update Fargate example to run only Fargate and show disabling of both cluster and node security groups
* fix: Ensure CoreDNS changes are made ahead of install
