fix: Add vpc_config.cluster_security_group output as primary cluster security group id (#828)

slimm609 · web-flow · commit 9c2a71874404 · 2020-04-23T17:36:51.000+02:00
diff --git a/README.md b/README.md
@@ -219,7 +219,8 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | cluster\_iam\_role\_name | IAM role name of the EKS cluster. |
 | cluster\_id | The name/id of the EKS cluster. |
 | cluster\_oidc\_issuer\_url | The URL on the EKS cluster OIDC Issuer |
-| cluster\_security\_group\_id | Security group ID attached to the EKS cluster. |
+| cluster\_primary\_security\_group\_id | The cluster primary security group ID created by the EKS cluster on 1.14 or later. Referred to as 'Cluster security group' in the EKS console. |
+| cluster\_security\_group\_id | Security group ID attached to the EKS cluster. On 1.14 or later, this is the 'Additional security groups' in the EKS console. |
 | cluster\_version | The Kubernetes server version for the EKS cluster. |
 | config\_map\_aws\_auth | A kubernetes configuration to authenticate to this EKS cluster. |
 | kubeconfig | kubectl config file contents for this EKS cluster. |
diff --git a/outputs.tf b/outputs.tf
@@ -24,7 +24,7 @@ output "cluster_version" {
 }
 
 output "cluster_security_group_id" {
-  description = "Security group ID attached to the EKS cluster."
+  description = "Security group ID attached to the EKS cluster. On 1.14 or later, this is the 'Additional security groups' in the EKS console."
   value       = local.cluster_security_group_id
 }
 
@@ -48,6 +48,11 @@ output "cluster_oidc_issuer_url" {
   value       = flatten(concat(aws_eks_cluster.this[*].identity[*].oidc.0.issuer, [""]))[0]
 }
 
+output "cluster_primary_security_group_id" {
+  description = "The cluster primary security group ID created by the EKS cluster on 1.14 or later. Referred to as 'Cluster security group' in the EKS console."
+  value       = var.cluster_version >= 1.14 ? element(concat(aws_eks_cluster.this[*].vpc_config[0].cluster_security_group_id, list("")), 0) : null
+}
+
 output "cloudwatch_log_group_name" {
   description = "Name of cloudwatch log group created"
   value       = aws_cloudwatch_log_group.this[*].name

Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ output "cluster_version" {`
`24`	`24`	`}`
`25`	`25`
`26`	`26`	`output "cluster_security_group_id" {`
`27`		`- description = "Security group ID attached to the EKS cluster."`
	`27`	`+ description = "Security group ID attached to the EKS cluster. On 1.14 or later, this is the 'Additional security groups' in the EKS console."`
`28`	`28`	`value = local.cluster_security_group_id`
`29`	`29`	`}`
`30`	`30`
`@@ -48,6 +48,11 @@ output "cluster_oidc_issuer_url" {`
`48`	`48`	`value = flatten(concat(aws_eks_cluster.this[].identity[].oidc.0.issuer, [""]))[0]`
`49`	`49`	`}`
`50`	`50`
	`51`	`+output "cluster_primary_security_group_id" {`
	`52`	`+ description = "The cluster primary security group ID created by the EKS cluster on 1.14 or later. Referred to as 'Cluster security group' in the EKS console."`
	`53`	`+ value = var.cluster_version >= 1.14 ? element(concat(aws_eks_cluster.this[*].vpc_config[0].cluster_security_group_id, list("")), 0) : null`
	`54`	`+}`
	`55`	`+`
`51`	`56`	`output "cloudwatch_log_group_name" {`
`52`	`57`	`description = "Name of cloudwatch log group created"`
`53`	`58`	`value = aws_cloudwatch_log_group.this[*].name`