Fargate aws_iam_role throwing error due to long cluster_name

[gugacavalieri]

Description

When trying to add a Fargate profile to our cluster we are getting an error thrown by the Fargate module. Apparently, the aws_iam_role resource has a char limit on the name_prefix attribute.

⚠️ Note

Before you submit an issue, please perform the following first:

1. Remove the local .terraform directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): rm -rf .terraform/
2. Re-initialize the project root to pull down modules: terraform init
3. Re-attempt your terraform plan or apply and check if the issue still persists

Versions

• Terraform:

Terraform v0.13.5

 - Provider(s):
 - Terraform v0.13.5
+ provider registry.terraform.io/hashicorp/aws v3.31.0
+ provider registry.terraform.io/hashicorp/kubernetes v1.13.3
+ provider registry.terraform.io/hashicorp/local v1.4.0
+ provider registry.terraform.io/hashicorp/null v2.1.2
+ provider registry.terraform.io/hashicorp/random v2.3.1
+ provider registry.terraform.io/hashicorp/template v2.2.0

• Module: Fargate

Reproduction

Steps to reproduce the behavior:

1. Clone this repo.
2. cd examples/fargate/
3. in main.tf change locals.cluster_name from "test-eks-${random_string.suffix.result}" to "cluster-name-will-have-lot"
4. terraform init
5. terraform plan

Code Snippet to Reproduce

Expected behavior

We expect to see a execution plan with the Fargate IAM Role being created using the cluster name.

Actual behavior

Instead, we get the following error:

module.eks.data.aws_ami.eks_worker_windows: Refreshing state...
module.eks.data.aws_partition.current: Refreshing state...
module.eks.data.aws_ami.eks_worker: Refreshing state...
module.eks.data.aws_caller_identity.current: Refreshing state...
module.eks.module.fargate.data.aws_iam_policy_document.eks_fargate_pod_assume_role[0]: Refreshing state...
data.aws_availability_zones.available: Refreshing state...
module.eks.data.aws_iam_policy_document.cluster_assume_role_policy: Refreshing state...
module.eks.data.aws_iam_policy_document.cluster_elb_sl_role_creation[0]: Refreshing state...
module.eks.data.aws_iam_policy_document.workers_assume_role_policy: Refreshing state...

Error: expected length of name_prefix to be in the range (1 - 32), got cluster-name-will-have-lot-fargate

  on ../../modules/fargate/fargate.tf line 3, in resource "aws_iam_role" "eks_fargate_pod":
   3:   name_prefix          = format("%s-fargate", var.cluster_name)

Terminal Output Screenshot(s)

Additional context

I would love to open a PR for fixing this. At first I thought of using the substr(string, offset, length) to limit the cluster name in the fargate.tf file. I tested it and it works for long and short cluster_names. Any other ideas?

[stijndehaes]

I did something similar you have tested the substr(...) with a shorter name?

[gugacavalieri]

@stijndehaes yes! In this case the substr(...) returns the original string 😄

[stijndehaes]

@stijndehaes yes! In this case the substr(...) returns the original string 😄

That sounds perfect :) I have approved your PR. Not that I can merge it but I also need this change :)

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.