Skip to content

Commit

Permalink
fix: Do not attach policy if Karpenter node role is not created by mo…
Browse files Browse the repository at this point in the history 
…dule (#2964)
  • Loading branch information
@dex4er
dex4er authored Mar 10, 2024
1 parent 6d3d6d9 commit 3ad19d7
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion modules/karpenter/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -570,7 +570,7 @@ resource "aws_iam_role_policy_attachment" "node" {
AmazonEC2ContainerRegistryReadOnly = "${local.node_iam_role_policy_prefix}/AmazonEC2ContainerRegistryReadOnly"
AmazonEKS_CNI_IPv6_Policy = var.node_iam_role_attach_cni_policy && var.cluster_ip_family == "ipv6" ? local.cni_policy : ""
AmazonEKS_CNI_Policy = var.node_iam_role_attach_cni_policy && var.cluster_ip_family == "ipv4" ? local.cni_policy : ""
} : k => v if var.create && var.create_iam_role && v != "" }
} : k => v if local.create_node_iam_role && v != "" }

policy_arn = each.value
role = aws_iam_role.node[0].name
Expand Down

0 comments on commit 3ad19d7

Please sign in to comment.