* Adding minimum communication
The docs at https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html specify that port 10250 is needed at a minimum for communication between the control plane and the worker nodes. If you specify a `worker_sg_ingress_from_port` as something like `30000`, then this minimum communication is never established.
* Adding description to CHANGELOG.md
* Adjusting the naming of the resources
* Ensuring creation is conditional on the value of `worker_sg_ingress_from_port`
* Mistake, should be greater than port 10250
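The kubelet rule these commits describe, sketched as an added example (not the module's own code). It uses Terraform 0.11 interpolation syntax to match the snippets on this page; every name except `worker_sg_ingress_from_port` is an assumption, as is the 65535 upper bound of the range rule.

```hcl
# Added example. Only worker_sg_ingress_from_port comes from the commit
# message; all other variable and resource names are assumed.
variable "worker_sg_ingress_from_port" {
  description = "Lowest port on which workers accept control plane traffic"
  default     = 1025
}

variable "cluster_security_group_id" {}
variable "worker_security_group_id" {}

# General range rule: control plane -> workers, from the configured port up.
# With worker_sg_ingress_from_port = 30000 this range no longer covers 10250.
resource "aws_security_group_rule" "workers_ingress_cluster" {
  description              = "Control plane to workers (configured range)"
  type                     = "ingress"
  protocol                 = "tcp"
  from_port                = "${var.worker_sg_ingress_from_port}"
  to_port                  = 65535
  security_group_id        = "${var.worker_security_group_id}"
  source_security_group_id = "${var.cluster_security_group_id}"
}

# Dedicated kubelet rule, created only when the range above starts
# above 10250 and therefore excludes the kubelet port. Scoped to the
# single port and to the cluster security group as the only source.
resource "aws_security_group_rule" "workers_ingress_cluster_kubelet" {
  count                    = "${var.worker_sg_ingress_from_port > 10250 ? 1 : 0}"
  description              = "Control plane to worker kubelets"
  type                     = "ingress"
  protocol                 = "tcp"
  from_port                = 10250
  to_port                  = 10250
  security_group_id        = "${var.worker_security_group_id}"
  source_security_group_id = "${var.cluster_security_group_id}"
}
```

With the default of 1025 the second rule is not created, because the range rule already includes 10250; `terraform plan` with the variable set to `30000` should show exactly one additional ingress rule.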
Example usage: we want our nodes to be able to update Route 53 records for use with external-dns.
```hcl
data "template_file" "eks_worker_additional_route53_policy" {
  template = "${file("iam/route53_policy.json.tpl")}"
}

resource "aws_iam_policy" "eks_worker_additional_route53_policy" {
  description = "Allow nodes to update our zone"
  name        = "${module.k8s_cluster01_label.id}-additional-route53-policy"
  policy      = "${data.template_file.eks_worker_additional_route53_policy.rendered}"
}
```
which defines the policy; then in the EKS module:
```hcl
module "cluster01" {
  cluster_name = "cluster01"
  <snip>
  workers_addtional_policies = [
    "${aws_iam_policy.eks_worker_additional_route53_policy.arn}"
  ]
  workers_addtional_policies_count = 1
  <snip>
}
```
* Allow per worker group ASG tags to be set
* Format
* Set correct defaults
* Implement hack that will use the first item in the list if a matching item does not exist for the worker group
* Use a map that will map from the worker group name to the tags to get around the issue where list indexing does not work with a list of lists
* Format
* Cleanup
* Fix sample
* README
* Add ability to pass computed values to cluster_security_group_id and worker_security_group_id
* Fix contributor name in CHANGELOG.md
* Format variables.tf file
* changing syntax when referring to map keys without lookup function
* Replacing map function with actual maps for easier reading
* replacing map function in example
* replacing map function in workers.tf and readme/main
* update changelog
* allow creating an IAM role for each worker group
* moved change from 'changed' to 'added'
* create multiple roles not just profiles
* fix config_map_aws_auth generation
* don't duplicate worker-role templating
* specify ARNs for worker groups individually
todo fix aws_auth configmap
* fixed AWS auth
* fix aws_iam_instance_profile.workers name
fix iam_instance_profile fallback
* fix outputs
* fix iam_instance_profile calculation
* hopefully fix aws auth configmap generation
* manually fill out remainder of arn
* remove depends_on in worker_role_arns template file
this was causing resources to be recreated every time
* fmt
* fix typo, move iam_role_id default to defaults map
* Allow additional security groups to be included for all workers and each worker group #47
* update changelog with reference to issue and be more descriptive
* Update CHANGELOG.md
* address pr comments and rebase
* rebase
* fix bug introduced by PR#115 that sets the AMI id to the default value of "" always
* rebase
* align default value of additional_security_group_ids to be pulled from local var workers_group_defaults_defaults