Comments (7)
that is not true - its no longer in the root module, you need to define a new sub-module definition to use that
from terraform-aws-eks.
First, thank you for the response. The docs should probably be updated... And not to be too dense, but by submodule definition, I should insert something like...
module "eks" {
aws_auth = {
manage_aws_auth_configmap = true
aws_auth_roles = [
{
rolearn = data.aws_iam_role.karpenter_instance.arn
username = "system:node:{{EC2PrivateDNSName}}"
groups = ["system:bootstrappers", "system:nodes"]
},
]
aws_auth_users = var.eks_additional_users
}
}
...because I make my way through these things by documentation as opposed to actually knowing what I'm doing.
from terraform-aws-eks.
I figured out the module declaration. Thnks.
from terraform-aws-eks.
@zenbones what's the proper module declaration? I'm experiencing the same issue.
from terraform-aws-eks.
Whether something is true or not it is complex topic, but I can say that I found the same issue. I understand that this is a change in the contract of the module, and as such it should be treated gently.
For other humans arriving here, taking the original example that opened the issue:
module "eks" {
manage_aws_auth_configmap = true
aws_auth_roles = [
{
rolearn = data.aws_iam_role.karpenter_instance.arn
username = "system:node:{{EC2PrivateDNSName}}"
groups = ["system:bootstrappers", "system:nodes"]
},
]
aws_auth_users = var.eks_additional_users
}
We need to move all auth related things to a new module definition, like
module "eks" {
source = "terraform-aws-modules/eks/aws"
cluster_name = "...."
# All the rest of cluster configuration that was not moved
}
module "aws_auth" {
source = "terraform-aws-modules/eks/aws//modules/aws-auth"
manage_aws_auth_configmap = true
aws_auth_roles = [
{
rolearn = data.aws_iam_role.karpenter_instance.arn
username = "system:node:{{EC2PrivateDNSName}}"
groups = ["system:bootstrappers", "system:nodes"]
},
]
aws_auth_users = var.eks_additional_users
}
from terraform-aws-eks.
But if this problem is coming from an upgrade, you might find the following links helpful to find out what else is failing and for a little bit of context:
- https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/docs/UPGRADE-20.0.md
- https://github.com/clowdhaus/terraform-aws-eks-migrate-v19-to-v20
- aws-ia/terraform-aws-eks-blueprints-addons#389
- https://github.com/aws-ia/terraform-aws-eks-blueprints/blob/a66db17ae26f0683f61314e8142922e6f3c4f124/patterns/karpenter/main.tf#L160
And also:
from terraform-aws-eks.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
from terraform-aws-eks.
Related Issues (20)
- Bottlerocket - SelfManaged NodeGroup - extra parameter issue HOT 2
- Error: Unsupported attribute for provider_key_arn when Upgrading to V19 from v18 HOT 6
- Add support for `ignore_failed_scaling_activities` HOT 1
- Add flexibility to choose cloudwatch event rule name HOT 1
- EKS cluster module doesn't create a cluster access entry for SSO users HOT 4
- No default networking add-ons: Terraform waiting for the nodes to be in Ready state (question) HOT 2
- Port 9443 and 8443 should not be added to node nsg unless these modules are installed HOT 2
- ConfigMap "aws-auth": Unauthorized HOT 6
- Can't pass tags to EC2 instance from eks managed node group HOT 1
- Add upgrade_policy config block for aws_eks_cluster HOT 1
- Created ec2 instances cannot join the cluster HOT 1
- Add depends_on for the 'resource "aws_eks_addon" "before_compute"' HOT 1
- dynamic number of access_entires HOT 1
- Documentation needs improvement + linting issue?
- Using terraform <1.6.0, `aws_ec2_tag` with dynamic tag *values* results in for_each error about unknown *keys* HOT 1
- Missing node to node security group
- AWS CLB creation question HOT 1
- 'cluster_service_ipv4_cidr' input variable apparently only accepts RFC1918 HOT 1
- Add gitlab ci for module creation HOT 1
- Use aws_vpc_security_group_egress_rule and aws_vpc_security_group_ingress_rule instead of aws_security_group_rule HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-aws-eks.