fix: Allow "EC2" access entry type for EKS Auto Mode custom node pools
#3281
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…y can be done for EC2 type for creating access entry for Node role. While Creating Access entry for Self managed node role, we were getting below error as it seems EC2 type is included in exception for policy attachment. Once I removed EC2 from exception condition, it started picking up Policy attachment and Access Entry got created. │ Error: Unsupported attribute │ │ on .terraform/modules/eks/main.tf line 289, in resource "aws_eks_access_policy_association" "this": │ 289: policy_arn = each.value.association_policy_arn │ ├──────────────── │ │ each.value is object with 3 attributes │ │ This object does not have an attribute named "association_policy_arn".
vibhamsharma
commented
Jan 20, 2025
|
@bryantbiggs @antonbabenko : Can someone plz review this PR as we are not able to create Access Entry for self managed node role. |
bryantbiggs
changed the title
"EC2" access entry type for EKS Auto Mode custom node pools
bryantbiggs
approved these changes
Jan 22, 2025
bryantbiggs
merged commit 3e2ea83
into
terraform-aws-modules:master
25 of 28 checks passed
antonbabenko
pushed a commit
that referenced
this pull request
Jan 22, 2025
## [20.33.1](v20.33.0...v20.33.1) (2025-01-22) ### Bug Fixes * Allow `"EC2"` access entry type for EKS Auto Mode custom node pools ([#3281](#3281)) ([3e2ea83](3e2ea83))
|
This PR is included in version 20.33.1 🎉 |
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
While Creating Access entry for Self managed node role, we were getting below error as it seems EC2 type is in exception for policy attachment. Once I removed EC2 from exception condition, it started picking up Policy attachment and Access Entry got created. We need this for creating Access Entry for Node role in EKS Automode.
│ Error: Unsupported attribute
│
│ on .terraform/modules/eks/main.tf line 289, in resource "aws_eks_access_policy_association" "this":
│ 289: policy_arn = each.value.association_policy_arn
│ ├────────────────
│ │ each.value is object with 3 attributes
│
│ This object does not have an attribute named "association_policy_arn".
Description
I have removed EC2 from exception list of policy attachment. Once done, it start creating policy attachment for EC2 type access entry which is needed to create Access entry for Self managed Node role in EKS Automode.
Motivation and Context
This is required to create Access Entry for Node role in EKS Automode.
unable to attach access policies to access entries of type EC2 #3274
Breaking Changes
No
How Has This Been Tested?
examples/*to demonstrate and validate my change(s)examples/*projectsI have tested it with my EKS Automode cluster created through this EKS module and it created Access Entry Successfully.
pre-commit run -aon my pull request