Only attempt to delete bootstrap data secret if InsecureSkipSecretsMa…

…nager isn't set
kubernetes-sigs · Apr 8, 2022 · 823459d · 823459d
1 parent eaafc00
commit 823459d
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/controllers/awsmachine_controller.go b/controllers/awsmachine_controller.go
@@ -733,8 +733,10 @@ func (r *AWSMachineReconciler) ignitionUserData(scope *scope.MachineScope, objec
 }
 
 func (r *AWSMachineReconciler) deleteBootstrapData(machineScope *scope.MachineScope, clusterScope cloud.ClusterScoper, objectStoreScope scope.S3Scope) error {
-	if err := r.deleteEncryptedBootstrapDataSecret(machineScope, clusterScope); err != nil {
-		return err
+	if !machineScope.AWSMachine.Spec.CloudInit.InsecureSkipSecretsManager {
+		if err := r.deleteEncryptedBootstrapDataSecret(machineScope, clusterScope); err != nil {
+			return err
+		}
 	}
 
 	if objectStoreScope != nil {