From 06c291eed807d6361f099dc3dc50b83bd62bb3f7 Mon Sep 17 00:00:00 2001 From: Bryant Biggs Date: Wed, 24 Sep 2025 18:02:03 -0500 Subject: [PATCH 1/3] fix: Raise min supported version of AWS provider for EKS Auto Mode corrections --- README.md | 4 ++-- examples/eks-auto-mode/README.md | 4 ++-- examples/eks-auto-mode/versions.tf | 2 +- examples/eks-hybrid-nodes/README.md | 6 +++--- examples/eks-hybrid-nodes/versions.tf | 2 +- examples/eks-managed-node-group/versions.tf | 2 +- examples/karpenter/README.md | 6 +++--- examples/karpenter/versions.tf | 2 +- examples/self-managed-node-group/versions.tf | 2 +- modules/eks-managed-node-group/README.md | 4 ++-- modules/eks-managed-node-group/versions.tf | 2 +- modules/fargate-profile/README.md | 4 ++-- modules/fargate-profile/versions.tf | 2 +- modules/hybrid-node-role/README.md | 4 ++-- modules/hybrid-node-role/versions.tf | 2 +- modules/karpenter/README.md | 4 ++-- modules/karpenter/versions.tf | 2 +- modules/self-managed-node-group/README.md | 4 ++-- modules/self-managed-node-group/versions.tf | 2 +- tests/eks-fargate-profile/README.md | 4 ++-- tests/eks-fargate-profile/versions.tf | 2 +- tests/eks-hybrid-nodes/README.md | 2 +- tests/eks-hybrid-nodes/versions.tf | 2 +- tests/eks-managed-node-group/README.md | 4 ++-- tests/eks-managed-node-group/versions.tf | 2 +- tests/self-managed-node-group/README.md | 4 ++-- tests/self-managed-node-group/versions.tf | 2 +- versions.tf | 2 +- 28 files changed, 42 insertions(+), 42 deletions(-) diff --git a/README.md b/README.md index 84a960af20..b3b1cae4dd 100644 --- a/README.md +++ b/README.md @@ -347,7 +347,7 @@ We are grateful to the community for contributing bugfixes and improvements! Ple | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.7 | -| [aws](#requirement\_aws) | >= 6.13 | +| [aws](#requirement\_aws) | >= 6.15 | | [time](#requirement\_time) | >= 0.9 | | [tls](#requirement\_tls) | >= 4.0 | @@ -355,7 +355,7 @@ We are grateful to the community for contributing bugfixes and improvements! Ple | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 6.13 | +| [aws](#provider\_aws) | >= 6.15 | | [time](#provider\_time) | >= 0.9 | | [tls](#provider\_tls) | >= 4.0 | diff --git a/examples/eks-auto-mode/README.md b/examples/eks-auto-mode/README.md index 3dbb1c62c6..57cdfa7d4b 100644 --- a/examples/eks-auto-mode/README.md +++ b/examples/eks-auto-mode/README.md @@ -25,13 +25,13 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.7 | -| [aws](#requirement\_aws) | >= 6.13 | +| [aws](#requirement\_aws) | >= 6.15 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 6.13 | +| [aws](#provider\_aws) | >= 6.15 | ## Modules diff --git a/examples/eks-auto-mode/versions.tf b/examples/eks-auto-mode/versions.tf index 8f71cb6086..e1ac31cae0 100644 --- a/examples/eks-auto-mode/versions.tf +++ b/examples/eks-auto-mode/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } } } diff --git a/examples/eks-hybrid-nodes/README.md b/examples/eks-hybrid-nodes/README.md index f5da694d80..e4afac8bec 100644 --- a/examples/eks-hybrid-nodes/README.md +++ b/examples/eks-hybrid-nodes/README.md @@ -26,7 +26,7 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.7 | -| [aws](#requirement\_aws) | >= 6.13 | +| [aws](#requirement\_aws) | >= 6.15 | | [helm](#requirement\_helm) | >= 3.0 | | [http](#requirement\_http) | >= 3.4 | | [local](#requirement\_local) | >= 2.5 | @@ -36,8 +36,8 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 6.13 | -| [aws.remote](#provider\_aws.remote) | >= 6.13 | +| [aws](#provider\_aws) | >= 6.15 | +| [aws.remote](#provider\_aws.remote) | >= 6.15 | | [helm](#provider\_helm) | >= 3.0 | | [http](#provider\_http) | >= 3.4 | | [local](#provider\_local) | >= 2.5 | diff --git a/examples/eks-hybrid-nodes/versions.tf b/examples/eks-hybrid-nodes/versions.tf index 988eb51212..74ba3338c5 100644 --- a/examples/eks-hybrid-nodes/versions.tf +++ b/examples/eks-hybrid-nodes/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } helm = { source = "hashicorp/helm" diff --git a/examples/eks-managed-node-group/versions.tf b/examples/eks-managed-node-group/versions.tf index 8f71cb6086..e1ac31cae0 100644 --- a/examples/eks-managed-node-group/versions.tf +++ b/examples/eks-managed-node-group/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } } } diff --git a/examples/karpenter/README.md b/examples/karpenter/README.md index 8465cfb6c9..cbf8ff90c0 100644 --- a/examples/karpenter/README.md +++ b/examples/karpenter/README.md @@ -94,15 +94,15 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.7 | -| [aws](#requirement\_aws) | >= 6.13 | +| [aws](#requirement\_aws) | >= 6.15 | | [helm](#requirement\_helm) | >= 3.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 6.13 | -| [aws.virginia](#provider\_aws.virginia) | >= 6.13 | +| [aws](#provider\_aws) | >= 6.15 | +| [aws.virginia](#provider\_aws.virginia) | >= 6.15 | | [helm](#provider\_helm) | >= 3.0 | ## Modules diff --git a/examples/karpenter/versions.tf b/examples/karpenter/versions.tf index e8922f3f27..0c6561a848 100644 --- a/examples/karpenter/versions.tf +++ b/examples/karpenter/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } helm = { source = "hashicorp/helm" diff --git a/examples/self-managed-node-group/versions.tf b/examples/self-managed-node-group/versions.tf index 8f71cb6086..e1ac31cae0 100644 --- a/examples/self-managed-node-group/versions.tf +++ b/examples/self-managed-node-group/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } } } diff --git a/modules/eks-managed-node-group/README.md b/modules/eks-managed-node-group/README.md index f2744c45f3..1ca9c95095 100644 --- a/modules/eks-managed-node-group/README.md +++ b/modules/eks-managed-node-group/README.md @@ -64,13 +64,13 @@ module "eks_managed_node_group" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.7 | -| [aws](#requirement\_aws) | >= 6.13 | +| [aws](#requirement\_aws) | >= 6.15 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 6.13 | +| [aws](#provider\_aws) | >= 6.15 | ## Modules diff --git a/modules/eks-managed-node-group/versions.tf b/modules/eks-managed-node-group/versions.tf index 8f71cb6086..e1ac31cae0 100644 --- a/modules/eks-managed-node-group/versions.tf +++ b/modules/eks-managed-node-group/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } } } diff --git a/modules/fargate-profile/README.md b/modules/fargate-profile/README.md index 4685c58b85..6c260145ff 100644 --- a/modules/fargate-profile/README.md +++ b/modules/fargate-profile/README.md @@ -29,13 +29,13 @@ module "fargate_profile" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.7 | -| [aws](#requirement\_aws) | >= 6.13 | +| [aws](#requirement\_aws) | >= 6.15 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 6.13 | +| [aws](#provider\_aws) | >= 6.15 | ## Modules diff --git a/modules/fargate-profile/versions.tf b/modules/fargate-profile/versions.tf index 8f71cb6086..e1ac31cae0 100644 --- a/modules/fargate-profile/versions.tf +++ b/modules/fargate-profile/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } } } diff --git a/modules/hybrid-node-role/README.md b/modules/hybrid-node-role/README.md index ce84bbd19f..45285c033f 100644 --- a/modules/hybrid-node-role/README.md +++ b/modules/hybrid-node-role/README.md @@ -75,13 +75,13 @@ module "eks_hybrid_node_role" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.7 | -| [aws](#requirement\_aws) | >= 6.13 | +| [aws](#requirement\_aws) | >= 6.15 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 6.13 | +| [aws](#provider\_aws) | >= 6.15 | ## Modules diff --git a/modules/hybrid-node-role/versions.tf b/modules/hybrid-node-role/versions.tf index 8f71cb6086..e1ac31cae0 100644 --- a/modules/hybrid-node-role/versions.tf +++ b/modules/hybrid-node-role/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } } } diff --git a/modules/karpenter/README.md b/modules/karpenter/README.md index fea43a9a27..df1b123479 100644 --- a/modules/karpenter/README.md +++ b/modules/karpenter/README.md @@ -86,13 +86,13 @@ module "karpenter" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.7 | -| [aws](#requirement\_aws) | >= 6.13 | +| [aws](#requirement\_aws) | >= 6.15 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 6.13 | +| [aws](#provider\_aws) | >= 6.15 | ## Modules diff --git a/modules/karpenter/versions.tf b/modules/karpenter/versions.tf index 8f71cb6086..e1ac31cae0 100644 --- a/modules/karpenter/versions.tf +++ b/modules/karpenter/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } } } diff --git a/modules/self-managed-node-group/README.md b/modules/self-managed-node-group/README.md index 04ad2e61c2..fb04648cea 100644 --- a/modules/self-managed-node-group/README.md +++ b/modules/self-managed-node-group/README.md @@ -43,13 +43,13 @@ module "self_managed_node_group" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.7 | -| [aws](#requirement\_aws) | >= 6.13 | +| [aws](#requirement\_aws) | >= 6.15 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 6.13 | +| [aws](#provider\_aws) | >= 6.15 | ## Modules diff --git a/modules/self-managed-node-group/versions.tf b/modules/self-managed-node-group/versions.tf index 8f71cb6086..e1ac31cae0 100644 --- a/modules/self-managed-node-group/versions.tf +++ b/modules/self-managed-node-group/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } } } diff --git a/tests/eks-fargate-profile/README.md b/tests/eks-fargate-profile/README.md index 28d2f06db1..600f83d5af 100644 --- a/tests/eks-fargate-profile/README.md +++ b/tests/eks-fargate-profile/README.md @@ -18,13 +18,13 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.7 | -| [aws](#requirement\_aws) | >= 6.13 | +| [aws](#requirement\_aws) | >= 6.15 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 6.13 | +| [aws](#provider\_aws) | >= 6.15 | ## Modules diff --git a/tests/eks-fargate-profile/versions.tf b/tests/eks-fargate-profile/versions.tf index 8f71cb6086..e1ac31cae0 100644 --- a/tests/eks-fargate-profile/versions.tf +++ b/tests/eks-fargate-profile/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } } } diff --git a/tests/eks-hybrid-nodes/README.md b/tests/eks-hybrid-nodes/README.md index 71ae477191..6c6cd65252 100644 --- a/tests/eks-hybrid-nodes/README.md +++ b/tests/eks-hybrid-nodes/README.md @@ -18,7 +18,7 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.7 | -| [aws](#requirement\_aws) | >= 6.13 | +| [aws](#requirement\_aws) | >= 6.15 | | [tls](#requirement\_tls) | >= 4.0 | ## Providers diff --git a/tests/eks-hybrid-nodes/versions.tf b/tests/eks-hybrid-nodes/versions.tf index 6be6e0b052..782544463d 100644 --- a/tests/eks-hybrid-nodes/versions.tf +++ b/tests/eks-hybrid-nodes/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } tls = { source = "hashicorp/tls" diff --git a/tests/eks-managed-node-group/README.md b/tests/eks-managed-node-group/README.md index d53f0a633b..9b415f283b 100644 --- a/tests/eks-managed-node-group/README.md +++ b/tests/eks-managed-node-group/README.md @@ -18,13 +18,13 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.7 | -| [aws](#requirement\_aws) | >= 6.13 | +| [aws](#requirement\_aws) | >= 6.15 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 6.13 | +| [aws](#provider\_aws) | >= 6.15 | ## Modules diff --git a/tests/eks-managed-node-group/versions.tf b/tests/eks-managed-node-group/versions.tf index 8f71cb6086..e1ac31cae0 100644 --- a/tests/eks-managed-node-group/versions.tf +++ b/tests/eks-managed-node-group/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } } } diff --git a/tests/self-managed-node-group/README.md b/tests/self-managed-node-group/README.md index d45c7ee922..df4457cef4 100644 --- a/tests/self-managed-node-group/README.md +++ b/tests/self-managed-node-group/README.md @@ -18,13 +18,13 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.5.7 | -| [aws](#requirement\_aws) | >= 6.13 | +| [aws](#requirement\_aws) | >= 6.15 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 6.13 | +| [aws](#provider\_aws) | >= 6.15 | ## Modules diff --git a/tests/self-managed-node-group/versions.tf b/tests/self-managed-node-group/versions.tf index 8f71cb6086..e1ac31cae0 100644 --- a/tests/self-managed-node-group/versions.tf +++ b/tests/self-managed-node-group/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } } } diff --git a/versions.tf b/versions.tf index d6ab6ed94e..0ebaec8d6b 100644 --- a/versions.tf +++ b/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 6.13" + version = ">= 6.15" } tls = { source = "hashicorp/tls" From 2ad67a5f369e8e0610c4d921de32cb63b3c742c7 Mon Sep 17 00:00:00 2001 From: Bryant Biggs Date: Thu, 25 Sep 2025 16:22:43 -0500 Subject: [PATCH 2/3] docs: Add note on encryption config settings --- docs/UPGRADE-21.0.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/UPGRADE-21.0.md b/docs/UPGRADE-21.0.md index 695c8c80f2..9d6500b1d4 100644 --- a/docs/UPGRADE-21.0.md +++ b/docs/UPGRADE-21.0.md @@ -32,6 +32,7 @@ If you find a bug, please open an issue with supporting configuration to reprodu - `addons.most_recent` is now set to `true` by default (was `false`). - `cluster_identity_providers.issuer_url` is now required to be set by users; the prior incorrect default has been removed. See https://github.com/terraform-aws-modules/terraform-aws-eks/pull/3055 and https://github.com/kubernetes/kubernetes/pull/123561 for more details. - The OIDC issuer URL for IAM roles for service accounts (IRSA) has been changed to use the new dual stack`oidc-eks` endpoint instead of `oidc.eks`. This is to align with https://github.com/aws/containers-roadmap/issues/2038#issuecomment-2278450601 +- With the changes to the variable type definition for `encryption_config` (formerly `cluster_encryption_config`), if you wish to disable secret encryption with a custom KMS key you should set `encryption_config = null` (In `v20.x`, you would previously have set `encryption_config = {}` to achieve the same outcome). Secret encryption can no longer be disabled - it is either enabled by default with the AWS managed key (`encryption_config = null`), or with a custom KMS key ( either leaving as is by not specifying or passing your own custom key ARN). EKS now encrypts secrets at rest by default docs.aws.amazon.com/eks/latest/userguide/envelope-encryption.html and the default secret encryption w/ custom KMS key creation/usage by default was made years prior starting in version `v19.0` of this module. Removing this default behavior will be evaluated at the next breaking change given that secrets are now automatically encrypted at rest by AWS. ## Additional changes From 2f1b902d5c3c39a8ffb3c0e4aae17d592fb71c7d Mon Sep 17 00:00:00 2001 From: Bryant Biggs Date: Mon, 6 Oct 2025 11:21:44 -0500 Subject: [PATCH 3/3] fix: Revert forcing a value for all EKS Auto Mode fields now that provider handles this --- .pre-commit-config.yaml | 2 +- README.md | 16 +++++++++++++++- examples/eks-auto-mode/main.tf | 3 +++ examples/karpenter/README.md | 1 - examples/karpenter/main.tf | 7 +------ main.tf | 8 ++++---- variables.tf | 3 +-- 7 files changed, 25 insertions(+), 15 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 7cf0036a18..5198bb3f6b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.100.0 + rev: v1.101.0 hooks: - id: terraform_fmt - id: terraform_docs diff --git a/README.md b/README.md index b3b1cae4dd..f596586f76 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,17 @@ Please note that we strive to provide a comprehensive suite of documentation for ### EKS Auto Mode +> [!CAUTION] +> Due to the current EKS Auto Mode API, to disable EKS Auto Mode you will have to explicity set: +> +>```hcl +>compute_config = { +> enabled = false +> } +>``` +> +> If you try to disable by simply removing the `compute_config` block, this will fail to disble EKS Auto Mode. Only after applying with `enabled = false` can you then remove the `compute_config` block from your configurations. + ```hcl module "eks" { source = "terraform-aws-modules/eks/aws" @@ -75,6 +86,9 @@ module "eks" { # Create just the IAM resources for EKS Auto Mode for use with custom node pools create_auto_mode_iam_resources = true + compute_config = { + enabled = true + } vpc_id = "vpc-1234556abcdef" subnet_ids = ["subnet-abcde012", "subnet-bcde012a", "subnet-fghi345a"] @@ -422,7 +436,7 @@ We are grateful to the community for contributing bugfixes and improvements! Ple | [cloudwatch\_log\_group\_retention\_in\_days](#input\_cloudwatch\_log\_group\_retention\_in\_days) | Number of days to retain log events. Default retention - 90 days | `number` | `90` | no | | [cloudwatch\_log\_group\_tags](#input\_cloudwatch\_log\_group\_tags) | A map of additional tags to add to the cloudwatch log group created | `map(string)` | `{}` | no | | [cluster\_tags](#input\_cluster\_tags) | A map of additional tags to add to the cluster | `map(string)` | `{}` | no | -| [compute\_config](#input\_compute\_config) | Configuration block for the cluster compute configuration | 
object({
    enabled       = optional(bool, false)
    node_pools    = optional(list(string))
    node_role_arn = optional(string)
  })
| `{}` | no | +| [compute\_config](#input\_compute\_config) | Configuration block for the cluster compute configuration | 
object({
    enabled       = optional(bool, false)
    node_pools    = optional(list(string))
    node_role_arn = optional(string)
  })
| `null` | no | | [control\_plane\_subnet\_ids](#input\_control\_plane\_subnet\_ids) | A list of subnet IDs where the EKS cluster control plane (ENIs) will be provisioned. Used for expanding the pool of subnets used by nodes/node groups without replacing the EKS control plane | `list(string)` | `[]` | no | | [create](#input\_create) | Controls if resources should be created (affects nearly all resources) | `bool` | `true` | no | | [create\_auto\_mode\_iam\_resources](#input\_create\_auto\_mode\_iam\_resources) | Determines whether to create/attach IAM resources for EKS Auto Mode. Useful for when using only custom node pools and not built-in EKS Auto Mode node pools | `bool` | `false` | no | diff --git a/examples/eks-auto-mode/main.tf b/examples/eks-auto-mode/main.tf index 05eec9b0e4..02dc255a24 100644 --- a/examples/eks-auto-mode/main.tf +++ b/examples/eks-auto-mode/main.tf @@ -60,6 +60,9 @@ module "eks_auto_custom_node_pools" { # Create just the IAM resources for EKS Auto Mode for use with custom node pools create_auto_mode_iam_resources = true + compute_config = { + enabled = true + } vpc_id = module.vpc.vpc_id subnet_ids = module.vpc.private_subnets diff --git a/examples/karpenter/README.md b/examples/karpenter/README.md index cbf8ff90c0..81863c0248 100644 --- a/examples/karpenter/README.md +++ b/examples/karpenter/README.md @@ -102,7 +102,6 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| | [aws](#provider\_aws) | >= 6.15 | -| [aws.virginia](#provider\_aws.virginia) | >= 6.15 | | [helm](#provider\_helm) | >= 3.0 | ## Modules diff --git a/examples/karpenter/main.tf b/examples/karpenter/main.tf index 6f652327c3..c61b4b9920 100644 --- a/examples/karpenter/main.tf +++ b/examples/karpenter/main.tf @@ -2,11 +2,6 @@ provider "aws" { region = local.region } -provider "aws" { - region = "us-east-1" - alias = "virginia" -} - provider "helm" { kubernetes = { host = module.eks.cluster_endpoint @@ -30,7 +25,7 @@ data "aws_availability_zones" "available" { } data "aws_ecrpublic_authorization_token" "token" { - provider = aws.virginia + region = "us-east-1" } locals { diff --git a/main.tf b/main.tf index 263380b817..5d260d4dae 100644 --- a/main.tf +++ b/main.tf @@ -26,7 +26,7 @@ locals { create_outposts_local_cluster = var.outpost_config != null enable_encryption_config = var.encryption_config != null && !local.create_outposts_local_cluster - create_auto_mode_iam_resources = var.compute_config.enabled || var.create_auto_mode_iam_resources + create_auto_mode_iam_resources = try(var.compute_config.enabled, false) == true || var.create_auto_mode_iam_resources } ################################################################################ @@ -58,7 +58,7 @@ resource "aws_eks_cluster" "this" { } dynamic "compute_config" { - for_each = [var.compute_config] + for_each = var.compute_config != null ? [var.compute_config] : [] content { enabled = compute_config.value.enabled @@ -81,7 +81,7 @@ resource "aws_eks_cluster" "this" { content { dynamic "elastic_load_balancing" { - for_each = [var.compute_config] + for_each = var.compute_config != null ? [var.compute_config] : [] content { enabled = elastic_load_balancing.value.enabled @@ -148,7 +148,7 @@ resource "aws_eks_cluster" "this" { } dynamic "storage_config" { - for_each = [var.compute_config] + for_each = var.compute_config != null ? [var.compute_config] : [] content { block_storage { diff --git a/variables.tf b/variables.tf index 0b155d0786..842d473499 100644 --- a/variables.tf +++ b/variables.tf @@ -69,8 +69,7 @@ variable "compute_config" { node_pools = optional(list(string)) node_role_arn = optional(string) }) - default = {} - nullable = false + default = null } variable "upgrade_policy" {