Enable protection for eks_cluster and managed node group

psibi · psibi · commit 5063dc124087 · 2023-07-11T15:15:10.000+05:30
diff --git a/main.tf b/main.tf
@@ -88,6 +88,10 @@ resource "aws_eks_cluster" "this" {
     aws_cloudwatch_log_group.this,
     aws_iam_policy.cni_ipv6_policy,
   ]
+
+  lifecycle {
+    prevent_destroy = true
+  }
 }
 
 resource "aws_ec2_tag" "cluster_primary_security_group" {
diff --git a/modules/eks-managed-node-group/main.tf b/modules/eks-managed-node-group/main.tf
@@ -382,6 +382,7 @@ resource "aws_eks_node_group" "this" {
     ignore_changes = [
       scaling_config[0].desired_size,
     ]
+    prevent_destroy = true
   }
 
   tags = merge(

Original file line number	Diff line number	Diff line change
`@@ -88,6 +88,10 @@ resource "aws_eks_cluster" "this" {`
`88`	`88`	`aws_cloudwatch_log_group.this,`
`89`	`89`	`aws_iam_policy.cni_ipv6_policy,`
`90`	`90`	`]`
	`91`	`+`
	`92`	`+ lifecycle {`
	`93`	`+ prevent_destroy = true`
	`94`	`+ }`
`91`	`95`	`}`
`92`	`96`
`93`	`97`	`resource "aws_ec2_tag" "cluster_primary_security_group" {`
Original file line number	Diff line number	Diff line change
`@@ -382,6 +382,7 @@ resource "aws_eks_node_group" "this" {`
`382`	`382`	`ignore_changes = [`
`383`	`383`	`scaling_config[0].desired_size,`
`384`	`384`	`]`
	`385`	`+ prevent_destroy = true`
`385`	`386`	`}`
`386`	`387`
`387`	`388`	`tags = merge(`