From d4ea40eac50e3172da80baec16de6fa6e947322a Mon Sep 17 00:00:00 2001 From: bcarranza Date: Tue, 27 Feb 2024 12:40:11 -0600 Subject: [PATCH 1/3] aws role name cis don't fix the name --- terraform-modules/aws/eks/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform-modules/aws/eks/main.tf b/terraform-modules/aws/eks/main.tf index e42bd27b3..f1d5c03a1 100644 --- a/terraform-modules/aws/eks/main.tf +++ b/terraform-modules/aws/eks/main.tf @@ -73,7 +73,7 @@ data "aws_iam_policy_document" "csi" { resource "aws_iam_role" "eks_ebs_csi_driver" { assume_role_policy = data.aws_iam_policy_document.csi.json - name = "eks-ebs-csi-driver" + name = "eks-ebs-csi-driver-${var.cluster_name}" } resource "aws_iam_role_policy_attachment" "amazon_ebs_csi_driver" { From fbeb983c6cf995145d1ba882a3bcb1b732de2cd3 Mon Sep 17 00:00:00 2001 From: surendra-yelavarthi <149083189+surendra-yelavarthi@users.noreply.github.com> Date: Mon, 1 Jul 2024 11:24:39 -0500 Subject: [PATCH 2/3] Fixing csi driver add-on issue --- terraform-modules/aws/eks/main.tf | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/terraform-modules/aws/eks/main.tf b/terraform-modules/aws/eks/main.tf index f1d5c03a1..8c257368a 100644 --- a/terraform-modules/aws/eks/main.tf +++ b/terraform-modules/aws/eks/main.tf @@ -45,7 +45,7 @@ ebs csi driver is available since 1.14 so it shouldn't impact in previous versio that it's using this module. https://aws.amazon.com/blogs/containers/amazon-ebs-csi-driver-is-now-generally-available-in-amazon-eks-add-ons/ */ - +/* resource "aws_eks_addon" "csi_driver" { cluster_name = module.eks.cluster_id addon_name = "aws-ebs-csi-driver" @@ -53,6 +53,7 @@ resource "aws_eks_addon" "csi_driver" { service_account_role_arn = aws_iam_role.eks_ebs_csi_driver.arn } + data "aws_iam_policy_document" "csi" { statement { actions = ["sts:AssumeRoleWithWebIdentity"] @@ -80,7 +81,7 @@ resource "aws_iam_role_policy_attachment" "amazon_ebs_csi_driver" { role = aws_iam_role.eks_ebs_csi_driver.name policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy" } - +*/ module "eks" { source = "terraform-aws-modules/eks/aws" From 08cd7e9c2016b6816758ac15211350b468c94967 Mon Sep 17 00:00:00 2001 From: surendra-yelavarthi <149083189+surendra-yelavarthi@users.noreply.github.com> Date: Mon, 1 Jul 2024 11:31:22 -0500 Subject: [PATCH 3/3] Update csi driver version to v1.16.0-eksbuild.1 --- terraform-modules/aws/eks/main.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/terraform-modules/aws/eks/main.tf b/terraform-modules/aws/eks/main.tf index 8c257368a..5b91f5bc8 100644 --- a/terraform-modules/aws/eks/main.tf +++ b/terraform-modules/aws/eks/main.tf @@ -45,11 +45,11 @@ ebs csi driver is available since 1.14 so it shouldn't impact in previous versio that it's using this module. https://aws.amazon.com/blogs/containers/amazon-ebs-csi-driver-is-now-generally-available-in-amazon-eks-add-ons/ */ -/* + resource "aws_eks_addon" "csi_driver" { cluster_name = module.eks.cluster_id addon_name = "aws-ebs-csi-driver" - addon_version = "v1.11.4-eksbuild.1" + addon_version = "v1.16.0-eksbuild.1" service_account_role_arn = aws_iam_role.eks_ebs_csi_driver.arn } @@ -81,7 +81,7 @@ resource "aws_iam_role_policy_attachment" "amazon_ebs_csi_driver" { role = aws_iam_role.eks_ebs_csi_driver.name policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy" } -*/ + module "eks" { source = "terraform-aws-modules/eks/aws"