@@ -52,26 +52,6 @@ resource "aws_eks_cluster" "this" {
5252 ]
5353}
5454
55- resource "aws_security_group_rule" "cluster_private_access" {
56- description = " Allow private K8S API ingress from custom source."
57- count = . create_eks && var. cluster_create_endpoint_private_access_sg_rule && var. cluster_endpoint_private_access ? 1 : 0
58- type = " ingress"
59- from_port = 443
60- to_port = 443
61- protocol = " tcp"
62- cidr_blocks = . cluster_endpoint_private_access_cidrs
63-
64- security_group_id = . this [0 ]. vpc_config [0 ]. cluster_security_group_id
65- }
66-
67-
68- data "http" "wait_for_cluster" {
69- count = . create_eks && var. manage_aws_auth ? 1 : 0
70- url = format (" %s/healthz" . this [0 ]. endpoint )
71- ca_certificate = base64decode (coalescelist (aws_eks_cluster. this [* ]. certificate_authority [0 ]. data , [" " 0 ])
72- timeout = 300
73- }
74-
7555resource "aws_security_group" "cluster" {
7656 count = . cluster_create_security_group && var. create_eks ? 1 : 0
7757 name_prefix = . cluster_name
@@ -107,6 +87,18 @@ resource "aws_security_group_rule" "cluster_https_worker_ingress" {
10787 type = " ingress"
10888}
10989
90+ resource "aws_security_group_rule" "cluster_private_access" {
91+ description = " Allow private K8S API ingress from custom source."
92+ count = . create_eks && var. cluster_create_endpoint_private_access_sg_rule && var. cluster_endpoint_private_access ? 1 : 0
93+ type = " ingress"
94+ from_port = 443
95+ to_port = 443
96+ protocol = " tcp"
97+ cidr_blocks = . cluster_endpoint_private_access_cidrs
98+
99+ security_group_id = . this [0 ]. vpc_config [0 ]. cluster_security_group_id
100+ }
101+
110102resource "aws_iam_role" "cluster" {
111103 count = . manage_cluster_iam_resources && var. create_eks ? 1 : 0
112104 name_prefix = . cluster_iam_role_name != " " ? null : var. cluster_name
0 commit comments