Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add some default tags to the AWS resources for the EKS cluster.
This adds some of the tags from the [tagging guide] from the previous ECS project. I've omitted `chargeable_entity` and `environment` because those might need a bit of a rethink in light of the switch to Kubernetes. (For example is the "environment" the same thing from an infrastructure perspective as it is from the cluster-user/developer/application perspective?) The idea here is really just to define a place to put the common tags so that we continue to set them in the right way. Using [provider default tags] (relatively new feature) is now the cleanest way to do this. Thanks to @kerin for the suggestion of using provider default tags. One caveat is that the default tags aren't propagated to ASGs, so this doesn't currently tag the node pool ASG. Passing the same set of tags to the `eks` module in order to tag the ASG doesn't work, because the TF provider unhelpfully forbids individual resources from overriding provider-specific tags because of a design limitation of TF. (See hashicorp/terraform-provider-aws#19204.) [tagging guide]: https://github.com/alphagov/govuk-infrastructure/blob/main/terraform/docs/tagging-guide.md [provider default tags]: https://www.hashicorp.com/blog/default-tags-in-the-terraform-aws-provider
- Loading branch information
954c0c9
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for flagging up the ASG limitation, I'd missed that - does the workaround in their blog post work with the EKS module?
954c0c9
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I didn't see any way to pass tags down to just the ASG (only the
tags
var which it uses for everything, understandably). So I think we'd have to make a change to the module in order to use the workaround. It's super frustrating that TF complains withError: "tags" are identical to those in the "default_tags" configuration block of the provider: please de-duplicate and try again
on all the module's other resources if we just pass the same set of tags for the module'stags
var. I was expecting it to be a no-op if the tags were the same and to add the missing tags on the ASG :(954c0c9
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's an open issue for this in the module's repo fwiw.