fix: Avoid re-naming the primary security group through a Name tag …

…and leave to the EKS service to manage (#2010)
terraform-aws-modules · Apr 12, 2022 · b5ae5da · b5ae5da
1 parent 69a815c
commit b5ae5da
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/examples/eks_managed_node_group/main.tf b/examples/eks_managed_node_group/main.tf
@@ -67,6 +67,13 @@ module "eks" {
  resources = ["secrets"]
  }]
 
+ cluster_tags = {
+ # This should not affect the name of the cluster primary security group
+ # Ref: https:/terraform-aws-modules/terraform-aws-eks/pull/2006
+ # Ref: https:/terraform-aws-modules/terraform-aws-eks/pull/2008
+ Name = local.name
+ }
+
  vpc_id = module.vpc.vpc_id
  subnet_ids = module.vpc.private_subnets
 

diff --git a/main.tf b/main.tf
@@ -60,7 +60,10 @@ resource "aws_eks_cluster" "this" {
 }
 
 resource "aws_ec2_tag" "cluster_primary_security_group" {
- for_each = { for k, v in merge(var.tags, var.cluster_tags) : k => v if local.create }
+ # This should not affect the name of the cluster primary security group
+ # Ref: https:/terraform-aws-modules/terraform-aws-eks/pull/2006
+ # Ref: https:/terraform-aws-modules/terraform-aws-eks/pull/2008
+ for_each = { for k, v in merge(var.tags, var.cluster_tags) : k => v if local.create && k != "Name" }
 
  resource_id = aws_eks_cluster.this[0].vpc_config[0].cluster_security_group_id
  key = each.key