From 7089c71e64dbae281435629e19d647ae6952f9ac Mon Sep 17 00:00:00 2001
From: Devin Young
Date: Thu, 6 Jan 2022 15:29:15 -0500
Subject: [PATCH] fix: Remove trailing hyphen from cluster security group and iam role name prefix (#1745)
---
 README.md | 1 +
 UPGRADE-18.0.md | 2 ++
 main.tf | 4 ++--
 variables.tf | 6 ++++++
 4 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 4b63771cc4..87aa8a21c3 100644
--- a/README.md
+++ b/README.md
@@ -730,6 +730,7 @@ Full contributing [guidelines are covered here](https://github.com/terraform-aws
 | [node\_security\_group\_tags](#input\_node\_security\_group\_tags) | A map of additional tags to add to the node security group created | `map(string)` | `{}` | no |
 | [node\_security\_group\_use\_name\_prefix](#input\_node\_security\_group\_use\_name\_prefix) | Determines whether node security group name (`node_security_group_name`) is used as a prefix | `string` | `true` | no |
 | [openid\_connect\_audiences](#input\_openid\_connect\_audiences) | List of OpenID Connect audience client IDs to add to the IRSA provider | `list(string)` | `[]` | no |
+| [prefix\_separator](#input\_prefix\_separator) | The separator to use between the prefix and the generated timestamp for resource names | `string` | `"-"` | no |
 | [self\_managed\_node\_group\_defaults](#input\_self\_managed\_node\_group\_defaults) | Map of self-managed node group default configurations | `any` | `{}` | no |
 | [self\_managed\_node\_groups](#input\_self\_managed\_node\_groups) | Map of self-managed node group definitions to create | `any` | `{}` | no |
 | [subnet\_ids](#input\_subnet\_ids) | A list of subnet IDs where the EKS cluster (ENIs) will be provisioned along with the nodes/node groups. Node groups can be deployed within a different set of subnet IDs from within the node group configuration | `list(string)` | `[]` | no |
diff --git a/UPGRADE-18.0.md b/UPGRADE-18.0.md
index 0c6d56dde6..f719fcea45 100644
--- a/UPGRADE-18.0.md
+++ b/UPGRADE-18.0.md
@@ -28,6 +28,7 @@ Please consult the `examples` directory for reference example configurations. If
 - The underlying autoscaling group and launch template have been updated to more closely match that of the [`terraform-aws-autoscaling`](https://github.com/terraform-aws-modules/terraform-aws-autoscaling) module and the features it offers
 - The previous iteration used a count over a list of node group definitions which was prone to disruptive updates; this is now replaced with a map/for_each to align with that of the EKS managed node group and Fargate profile behaviors/style
 - The user data configuration supported across the module has been completely revamped. A new `_user_data` internal sub-module has been created to consolidate all user data configuration in one location which provides better support for testability (via the [`examples/user_data`](https://github.com/terraform-aws-modules/terraform-aws-eks/tree/master/examples/user_data) example). The new sub-module supports nearly all possible combinations including the ability to allow users to provide their own user data template which will be rendered by the module. See the `examples/user_data` example project for the full plethora of example configuration possibilities and more details on the logic of the design can be found in the [`modules/_user_data`](https://github.com/terraform-aws-modules/terraform-aws-eks/tree/master/modules/_user_data_) directory.
+- Resource name changes may cause issues with existing resources. For example, security groups and IAM roles cannot be renamed, they must be recreated. Recreation of these resources may also trigger a recreation of the cluster. To use the legacy (< 18.x) resource naming convention, set `prefix_separator` to "".
 ## Additional changes
@@ -166,6 +167,7 @@ Please consult the `examples` directory for reference example configurations. If
 - `cluster_addons`
 - `cluster_identity_providers`
 - `fargate_profile_defaults`
+ - `prefix_separator` added to support legacy behavior of not having a prefix separator
 - EKS Managed Node Group sub-module (was `node_groups`)
 - `platform`
 - `enable_bootstrap_user_data`
diff --git a/main.tf b/main.tf
index 4817f96047..3a01c64fef 100644
--- a/main.tf
+++ b/main.tf
@@ -107,7 +107,7 @@ resource "aws_security_group" "cluster" {
 count = local.create_cluster_sg ? 1 : 0
 name = var.cluster_security_group_use_name_prefix ? null : local.cluster_sg_name
- name_prefix = var.cluster_security_group_use_name_prefix ? "${local.cluster_sg_name}-" : null
+ name_prefix = var.cluster_security_group_use_name_prefix ? "${local.cluster_sg_name}${var.prefix_separator}" : null
 description = var.cluster_security_group_description
 vpc_id = var.vpc_id
@@ -191,7 +191,7 @@ resource "aws_iam_role" "this" {
 count = var.create && var.create_iam_role ? 1 : 0
 name = var.iam_role_use_name_prefix ? null : local.iam_role_name
- name_prefix = var.iam_role_use_name_prefix ? "${local.iam_role_name}-" : null
+ name_prefix = var.iam_role_use_name_prefix ? "${local.iam_role_name}${var.prefix_separator}" : null
 path = var.iam_role_path
 description = var.iam_role_description
diff --git a/variables.tf b/variables.tf
index 1eb33bfc2c..5e715b1b8c 100644
--- a/variables.tf
+++ b/variables.tf
@@ -10,6 +10,12 @@ variable "tags" {
 default = {}
 }
+variable "prefix_separator" {
+ description = "The separator to use between the prefix and the generated timestamp for resource names"
+ type = string
+ default = "-"
+}
+
 ################################################################################
 # Cluster
 ################################################################################
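Review bot: The `name_prefix` line of `aws_security_group.cluster` now depends on `var.prefix_separator`, and so does the `name_prefix` of `aws_iam_role.this` in the next main.tf hunk, yet neither line says that changing the value forces both resources to be replaced. UPGRADE-18.0.md in this patch states that these resources cannot be renamed and that recreating them may recreate the cluster, so I would put that next to the code, e.g. `# Changing prefix_separator changes name_prefix and forces replacement of this resource (may also recreate the cluster)`. The README table also lists `node_security_group_use_name_prefix`; if that security group's prefix is still built with a literal `-` (not visible in this patch), it should use the same variable so the legacy naming is restored for all prefixed resources. Both resource blocks begin and end outside their hunks.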
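Review bot: `prefix_separator` in variables.tf accepts any string, and main.tf puts it straight into an IAM role name prefix and a security group name prefix, so a value with characters those names do not allow is only rejected by the AWS API at apply time. A `validation` block on the variable would reject it at plan time with a clear message, provided the module's minimum Terraform version supports custom validation. The character class below is the one I understand IAM role names to allow, and it should be checked against the provider documentation before merging.

```hcl
variable "prefix_separator" {
  # … unchanged: description, type, default …

  validation {
    condition     = can(regex("^[A-Za-z0-9+=,.@_-]*$", var.prefix_separator))
    error_message = "The prefix_separator value may only contain characters valid in an IAM role name."
  }
}
```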