fix: More compatibility fixes for Terraform v0.13 and aws v3 (terrafo…

…rm-aws-modules#976) Additional support for Terraform v0.13 and aws v3! - The update to the vpc module in examples was, strictly speaking, unnecessary but it adds the terraform block with supported versions. - Update for iam module in the example was very necessary to support new versions - Workaround for "Provider produced inconsistent final plan" when creating ASGs at the same time as the cluster. See hashicorp/terraform-provider-aws#14085 for full details. - Blacklist 0.13.0 as it was too strict when migrating from aws v2 to v3 about dropped attributes.
Polyconseil · Oct 25, 2020 · 0e9383c · 0e9383c
1 parent 8b6d7d9
commit 0e9383c
Show file tree

Hide file tree

Showing 11 changed files with 71 additions and 56 deletions.
diff --git a/README.md b/README.md
@@ -144,7 +144,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 
 | Name | Version |
 |------|---------|
-| terraform | >= 0.12.9 |
+| terraform | >= 0.12.9, != 0.13.0 |
 | aws | >= 2.55.0 |
 | kubernetes | >= 1.11.1 |
 | local | >= 1.4 |

diff --git a/examples/basic/main.tf b/examples/basic/main.tf
@@ -100,7 +100,7 @@ resource "aws_security_group" "all_worker_mgmt" {
 
 module "vpc" {
   source  = "terraform-aws-modules/vpc/aws"
-  version = "2.6.0"
+  version = "2.47.0"
 
   name                 = "test-vpc"
   cidr                 = "10.0.0.0/16"

diff --git a/examples/irsa/irsa.tf b/examples/irsa/irsa.tf
@@ -1,6 +1,6 @@
 module "iam_assumable_role_admin" {
   source                        = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
-  version                       = "~> v2.6.0"
+  version                       = "2.14.0"
   create_role                   = true
   role_name                     = "cluster-autoscaler"
   provider_url                  = replace(module.eks.cluster_oidc_issuer_url, "https://", "")

diff --git a/examples/irsa/main.tf b/examples/irsa/main.tf
@@ -41,7 +41,7 @@ data "aws_caller_identity" "current" {}
 
 module "vpc" {
   source               = "terraform-aws-modules/vpc/aws"
-  version              = "2.6.0"
+  version              = "2.47.0"
   name                 = "test-vpc"
   cidr                 = "10.0.0.0/16"
   azs                  = data.aws_availability_zones.available.names

diff --git a/examples/launch_templates/main.tf b/examples/launch_templates/main.tf
@@ -53,7 +53,7 @@ resource "random_string" "suffix" {
 
 module "vpc" {
   source  = "terraform-aws-modules/vpc/aws"
-  version = "2.6.0"
+  version = "2.47.0"
 
   name                 = "test-vpc-lt"
   cidr                 = "10.0.0.0/16"

diff --git a/examples/managed_node_groups/main.tf b/examples/managed_node_groups/main.tf
@@ -53,7 +53,7 @@ resource "random_string" "suffix" {
 
 module "vpc" {
   source  = "terraform-aws-modules/vpc/aws"
-  version = "~> 2.6"
+  version = "2.47.0"
 
   name                 = "test-vpc"
   cidr                 = "172.16.0.0/16"

diff --git a/examples/secrets_encryption/main.tf b/examples/secrets_encryption/main.tf
@@ -57,7 +57,7 @@ resource "aws_kms_key" "eks" {
 
 module "vpc" {
   source  = "terraform-aws-modules/vpc/aws"
-  version = "2.6.0"
+  version = "2.47.0"
 
   name                 = "test-vpc"
   cidr                 = "10.0.0.0/16"

diff --git a/examples/spot_instances/main.tf b/examples/spot_instances/main.tf
@@ -53,7 +53,7 @@ resource "random_string" "suffix" {
 
 module "vpc" {
   source  = "terraform-aws-modules/vpc/aws"
-  version = "2.6.0"
+  version = "2.47.0"
 
   name                 = "test-vpc-spot"
   cidr                 = "10.0.0.0/16"

diff --git a/versions.tf b/versions.tf
@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 0.12.9"
+  required_version = ">= 0.12.9, != 0.13.0"
 
   required_providers {
     aws        = ">= 2.55.0"

diff --git a/workers.tf b/workers.tf
@@ -102,31 +102,38 @@ resource "aws_autoscaling_group" "workers" {
     }
   }
 
-  tags = concat(
-    [
-      {
-        "key"                 = "Name"
-        "value"               = "${aws_eks_cluster.this[0].name}-${lookup(var.worker_groups[count.index], "name", count.index)}-eks_asg"
-        "propagate_at_launch" = true
-      },
-      {
-        "key"                 = "kubernetes.io/cluster/${aws_eks_cluster.this[0].name}"
-        "value"               = "owned"
-        "propagate_at_launch" = true
-      },
-      {
-        "key"                 = "k8s.io/cluster/${aws_eks_cluster.this[0].name}"
-        "value"               = "owned"
-        "propagate_at_launch" = true
-      },
-    ],
-    local.asg_tags,
-    lookup(
-      var.worker_groups[count.index],
-      "tags",
-      local.workers_group_defaults["tags"]
+  dynamic "tag" {
+    for_each = concat(
+      [
+        {
+          "key"                 = "Name"
+          "value"               = "${aws_eks_cluster.this[0].name}-${lookup(var.worker_groups[count.index], "name", count.index)}-eks_asg"
+          "propagate_at_launch" = true
+        },
+        {
+          "key"                 = "kubernetes.io/cluster/${aws_eks_cluster.this[0].name}"
+          "value"               = "owned"
+          "propagate_at_launch" = true
+        },
+        {
+          "key"                 = "k8s.io/cluster/${aws_eks_cluster.this[0].name}"
+          "value"               = "owned"
+          "propagate_at_launch" = true
+        },
+      ],
+      local.asg_tags,
+      lookup(
+        var.worker_groups[count.index],
+        "tags",
+        local.workers_group_defaults["tags"]
+      )
     )
-  )
+    content {
+      key                 = tag.value.key
+      value               = tag.value.value
+      propagate_at_launch = tag.value.propagate_at_launch
+    }
+  }
 
   lifecycle {
     create_before_destroy = true

diff --git a/workers_launch_template.tf b/workers_launch_template.tf
@@ -151,6 +151,7 @@ resource "aws_autoscaling_group" "workers_launch_template" {
       }
     }
   }
+
   dynamic launch_template {
     iterator = item
     for_each = (lookup(var.worker_groups_launch_template[count.index], "override_instance_types", null) != null) || (lookup(var.worker_groups_launch_template[count.index], "on_demand_allocation_strategy", local.workers_group_defaults["on_demand_allocation_strategy"]) != null) ? [] : list(var.worker_groups_launch_template[count.index])
@@ -178,30 +179,37 @@ resource "aws_autoscaling_group" "workers_launch_template" {
     }
   }
 
-  tags = concat(
-    [
-      {
-        "key" = "Name"
-        "value" = "${aws_eks_cluster.this[0].name}-${lookup(
-          var.worker_groups_launch_template[count.index],
-          "name",
-          count.index,
-        )}-eks_asg"
-        "propagate_at_launch" = true
-      },
-      {
-        "key"                 = "kubernetes.io/cluster/${aws_eks_cluster.this[0].name}"
-        "value"               = "owned"
-        "propagate_at_launch" = true
-      },
-    ],
-    local.asg_tags,
-    lookup(
-      var.worker_groups_launch_template[count.index],
-      "tags",
-      local.workers_group_defaults["tags"]
+  dynamic "tag" {
+    for_each = concat(
+      [
+        {
+          "key" = "Name"
+          "value" = "${aws_eks_cluster.this[0].name}-${lookup(
+            var.worker_groups_launch_template[count.index],
+            "name",
+            count.index,
+          )}-eks_asg"
+          "propagate_at_launch" = true
+        },
+        {
+          "key"                 = "kubernetes.io/cluster/${aws_eks_cluster.this[0].name}"
+          "value"               = "owned"
+          "propagate_at_launch" = true
+        },
+      ],
+      local.asg_tags,
+      lookup(
+        var.worker_groups_launch_template[count.index],
+        "tags",
+        local.workers_group_defaults["tags"]
+      )
     )
-  )
+    content {
+      key                 = tag.value.key
+      value               = tag.value.value
+      propagate_at_launch = tag.value.propagate_at_launch
+    }
+  }
 
   lifecycle {
     create_before_destroy = true