fix: Avoid re-naming the primary security group through a Name tag and leave to the EKS service to manage (terraform-aws-modules#2010)

bryantbiggs · web-flow · commit b5ae5daa39f8 · 2022-04-12T10:36:03.000+02:00
diff --git a/examples/eks_managed_node_group/main.tf b/examples/eks_managed_node_group/main.tf
@@ -67,6 +67,13 @@ module "eks" {
     resources        = ["secrets"]
   }]
 
+  cluster_tags = {
+    # This should not affect the name of the cluster primary security group
+    # Ref: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/2006
+    # Ref: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/2008
+    Name = local.name
+  }
+
   vpc_id     = module.vpc.vpc_id
   subnet_ids = module.vpc.private_subnets
 
diff --git a/main.tf b/main.tf
@@ -60,7 +60,10 @@ resource "aws_eks_cluster" "this" {
 }
 
 resource "aws_ec2_tag" "cluster_primary_security_group" {
-  for_each = { for k, v in merge(var.tags, var.cluster_tags) : k => v if local.create }
+  # This should not affect the name of the cluster primary security group
+  # Ref: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/2006
+  # Ref: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/2008
+  for_each = { for k, v in merge(var.tags, var.cluster_tags) : k => v if local.create && k != "Name" }
 
   resource_id = aws_eks_cluster.this[0].vpc_config[0].cluster_security_group_id
   key         = each.key
