Control plane security group always whitelist worker security group and revert #186

[ryanooi]

PR o'clock

Description

1. Main change on cluster.tf aws_security_group_rule.cluster_https_worker_ingress intended to whitelist port 443 for newly created security group or self attach security group from worker's security group. Self attach control plane security group will not able to whitelist worker security group before it get created therefore additional step will required.
2. Revert PR Add ability to pass computed values to cluster_security_group_id and worker_security_group_id #186 as Terraform v0.12.x fixed "count cannot be computed" issue
   2.1 Remove cluster_create_security_group and worker_create_security_group to improve consistency. There is no guarantee/enforcement when you set cluster_create_security_group or worker_create_security_group to false, user will also provide cluster_security_group_id or worker_security_group_id.

Checklist

• Change added to CHANGELOG.md. All changes must be added and breaking changes and highlighted
• CI tests are passing
• README.md has been updated after any changes to variables and outputs. See https://github.com/terraform-aws-modules/terraform-aws-eks/#doc-generation

[ryanooi]

Need some explanation? or?

[max-rocket-internet]

Actually, this is a breaking change as you are removing some vars. So also please write details under Important notes that clearly explain how to migrate after this change 🙂

[max-rocket-internet]

OK nice. Great to remove 2 variables 🚀

[github-actions]

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.