Skip to content

Commit

Permalink
feat: Update KMS module to avoid calling data sources when `create_km…
Browse files Browse the repository at this point in the history 
…s_key = false` (#2804)
  • Loading branch information
@bryantbiggs
bryantbiggs authored Nov 4, 2023
1 parent e4c5098 commit 0732bea
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -243,7 +243,7 @@ We are grateful to the community for contributing bugfixes and improvements! Ple
|------|--------|---------|
| <a name="module_eks_managed_node_group"></a> [eks\_managed\_node\_group](#module\_eks\_managed\_node\_group) | ./modules/eks-managed-node-group | n/a |
| <a name="module_fargate_profile"></a> [fargate\_profile](#module\_fargate\_profile) | ./modules/fargate-profile | n/a |
| <a name="module_kms"></a> [kms](#module\_kms) | terraform-aws-modules/kms/aws | 1.1.0 |
| <a name="module_kms"></a> [kms](#module\_kms) | terraform-aws-modules/kms/aws | 2.1.0 |
| <a name="module_self_managed_node_group"></a> [self\_managed\_node\_group](#module\_self\_managed\_node\_group) | ./modules/self-managed-node-group | n/a |

## Resources
Expand Down
2 changes: 1 addition & 1 deletion main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,7 +122,7 @@ resource "aws_cloudwatch_log_group" "this" {

module "kms" {
source = "terraform-aws-modules/kms/aws"
version = "1.1.0" # Note - be mindful of Terraform/provider version compatibility between modules
version = "2.1.0" # Note - be mindful of Terraform/provider version compatibility between modules

create = local.create && var.create_kms_key && local.enable_cluster_encryption_config # not valid on Outposts

Expand Down
2 changes: 1 addition & 1 deletion modules/karpenter/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -324,7 +324,7 @@ locals {

iam_role_name = coalesce(var.iam_role_name, "Karpenter-${var.cluster_name}")
iam_role_policy_prefix = "arn:${local.partition}:iam::aws:policy"
cni_policy = var.cluster_ip_family == "ipv6" ? "${local.iam_role_policy_prefix}/AmazonEKS_CNI_IPv6_Policy" : "${local.iam_role_policy_prefix}/AmazonEKS_CNI_Policy"
cni_policy = var.cluster_ip_family == "ipv6" ? "arn:${local.partition}:iam::${local.account_id}:policy/AmazonEKS_CNI_IPv6_Policy" : "${local.iam_role_policy_prefix}/AmazonEKS_CNI_Policy"
}

data "aws_iam_policy_document" "assume_role" {
Expand Down

0 comments on commit 0732bea

Please sign in to comment.