[Bug]: aws_eks_cluster opting into EKS Auto Mode with built in node pools is currently requiring the cluster to be replaced

[bryantbiggs]

Terraform Core Version

Any

AWS Provider Version

5.79.0

Affected Resource(s)

• aws_eks_cluster

Expected Behavior

Users should be able to opt into EKS Auto Mode with existing clusters without requiring the cluster to be recreated. This is possible without using the built in nodepools, but currently not possible if users utilize one of the built in nodepools (system, general-purpose)

The set of behaviors are:

1. Enabling compute_config.enabled = true and setting a compute_config.node_role_arn is a valid in-place change
2. Disabling compute_config.enabled = false even with a compute_config.node_role_arn specified is a valid in-place change
3. With compute_config.enabled = true, changing compute_config.node_role_arn from one ARN value to another is not a valid in-place change; this change can only be made by re-placing the cluster

More context: these behaviors are defined due to the use of the IAM role by the instances created by EKS Auto Mode. Removing the ARN when disabling compute_config is valid because the instances that use the ARN will be destroyed/removed. Changing the ARN in-place would require changing the IAM role on *all instances that have been created by EKS Auto Mode

Actual Behavior

Opting into EKS Auto Mode with an existing cluster and specifying a node_role_arn is wanting to re-create the cluster since the node_role_arn value is changing (from undefined to defined)

Relevant Error/Panic Output Snippet

No panic or error

Terraform Configuration Files

See steps to repro below - will open a draft PR that includes the updated acceptance test that demonstrates the issue

Steps to Reproduce

1. Deploy a basic EKS cluster using this example https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#eks-cluster
2. After the cluster is deployed, add the EKS Auto Mode configuration shown in this example https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_cluster#eks-cluster-with-eks-auto-mode and run terraform plan
3. You will see that the cluster is slated to be replaced due to the change in the compute_config.node_role_arn

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

Yes

[github-actions]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[github-actions]

Warning

This issue has been closed, meaning that any additional comments are hard for our team to see. Please assume that the maintainers will not see them.

Ongoing conversations amongst community members are welcome, however, the issue will be locked after 30 days. Moving conversations to another venue, such as the AWS Provider forum, is recommended. If you have additional concerns, please open a new issue, referencing this one where needed.

[jatinmehrotra]

@bryantbiggs

• I am trying to enable eks auto mode on existing cluster
• However atm cluster_compute_config only allows general-purpose, system as node pools value
• i need to create custom nodepool becuse as you mnentioned its not possible opt in Auto mode for existing cluster if we use general-purpose, system as built in nodepools

[jatin-mehrotra-colorkrew]

@bryantbiggs

#40411 (comment)

This issue is also true for custom node pools too even though aws docs support creating node pools https://docs.aws.amazon.com/eks/latest/userguide/create-node-pool.html but there is option to specify custom node pools too.

[github-actions]

Warning

This issue has been closed, meaning that any additional comments are hard for our team to see. Please assume that the maintainers will not see them.

Ongoing conversations amongst community members are welcome, however, the issue will be locked after 30 days. Moving conversations to another venue, such as the AWS Provider forum, is recommended. If you have additional concerns, please open a new issue, referencing this one where needed.

[magzim21]

This is still an issue

I upgraded aws provider to 5.80 , using the latest "terraform-aws-modules/eks/aws" module.
An existing cluster is to be replaced.

module "eks" {
  source  = "terraform-aws-modules/eks/aws"
  version = "20.31.1"
...
  cluster_compute_config = {
    enabled    = true
    node_pools = ["system","general-purpose"]
  }

[jatin-mehrotra-colorkrew]

@magzim21

No you are not right because it has been fixed and will be shipped in v5.80.1 and not 5.80.0 so please wait for it to be released

[magzim21]

@jatin-mehrotra-colorkrew

No you are not right because it has been fixed and will be shipped in v5.80.1 and not 5.80.0 so please wait for it to be released

I assumed that merging to master already had triggered a release.
Thank you. Please remove your dislike, I cat't sleep now

[github-actions]

This functionality has been released in v5.81.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

[jatin-mehrotra-colorkrew]

@magzim21

This should help you to sleep : https://dev.to/aws-builders/eks-auto-mode-unlocked-for-existing-clusters-with-terraform-545i

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.