From 1266e3b3ab523fec2d1cbbffd5696eb50b473822 Mon Sep 17 00:00:00 2001
From: "Matthew C. Morgan"
Date: Tue, 10 Sep 2024 12:49:12 -0400
Subject: [PATCH 1/4] =?UTF-8?q?=F0=9F=90=9B=20fix(cluster=5Faccess):=20upd?=
 =?UTF-8?q?ate=20access=20entries=20for=20sso=20and=20non-sso=20roles?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md | 2 --
 main.tf | 5 +++--
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index a27a618..c8ab9d5 100644
--- a/README.md
+++ b/README.md
@@ -121,8 +121,6 @@ Change logs are auto-generated with commitizen.
 | [aws_ebs_default_kms_key.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ebs_default_kms_key) | data source |
 | [aws_iam_roles.roles](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_roles) | data source |
 | [aws_iam_roles.sso_admins](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_roles) | data source |
-| [aws_iam_roles.sso_read](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_roles) | data source |
-| [aws_iam_session_context.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_session_context) | data source |
 | [aws_kms_key.ebs_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kms_key) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 | [aws_subnet.subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source |
diff --git a/main.tf b/main.tf
index 1ca8953..71f9fbc 100644
--- a/main.tf
+++ b/main.tf
@@ -41,8 +41,6 @@ locals {
 tags = merge(local.base_tags, var.tags)
 vpc_cidr_block = data.aws_vpc.eks_vpc.cidr_block
 vpc_id = data.aws_vpc.eks_vpc.id
-
-
 }
 module "cluster" {
@@ -66,6 +64,9 @@ module "cluster" {
 subnet_ids = local.subnets
 cluster_addons = {
+ adot = {
+ most_recent = true
+ }
 amazon-cloudwatch-observability = {
 most_recent = true
 service_account_role_arn = module.cloudwatch_observability_irsa_role.iam_role_arn

From 9cd15c0b00519850bc5a041e0f1a4467c3e3b1cb Mon Sep 17 00:00:00 2001
From: "Matthew C. Morgan"
Date: Tue, 10 Sep 2024 13:31:16 -0400
Subject: [PATCH 2/4] =?UTF-8?q?=F0=9F=90=9B=20fix(adot):=20removed=20adot?=
 =?UTF-8?q?=20addon=20as=20it=20requires=20pre-existing=20cluster=20cert-m?=
 =?UTF-8?q?anager?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 main.tf | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/main.tf b/main.tf
index 71f9fbc..6f929ed 100644
--- a/main.tf
+++ b/main.tf
@@ -64,9 +64,6 @@ module "cluster" {
 subnet_ids = local.subnets
 cluster_addons = {
- adot = {
- most_recent = true
- }
 amazon-cloudwatch-observability = {
 most_recent = true
 service_account_role_arn = module.cloudwatch_observability_irsa_role.iam_role_arn

From 515f8f69a7eab950d870377f29016541b5027050 Mon Sep 17 00:00:00 2001
From: "Matthew C. Morgan"
Date: Tue, 10 Sep 2024 18:03:50 -0400
Subject: [PATCH 3/4] =?UTF-8?q?=E2=9C=A8=20feat(access=5Fentries):=20added?=
 =?UTF-8?q?=20inf-admin-t1=20to=20view=20access?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index c8ab9d5..5b25973 100644
--- a/README.md
+++ b/README.md
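Review bot: The adot add-on added in this hunk is enabled with `most_recent = true` and no `addon_version`, so the version that gets applied is whatever the add-on registry serves at plan time, and a later apply can upgrade the operator without a reviewed change. The next patch in this series removes the add-on again because it requires a pre-existing cert-manager in the cluster; if it is reinstated, pin it, e.g. `addon_version = "<ADOT_ADDON_VERSION placeholder>"`, and make cert-manager a prerequisite that is provisioned before the add-on so the failure surfaces at apply rather than as a broken add-on. The existing amazon-cloudwatch-observability entry on the following lines carries the same unpinned `most_recent = true` pattern, so whatever policy is chosen should be applied to both. The enclosing `module "cluster"` block starts and ends outside the hunk.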
@@ -121,6 +121,7 @@ Change logs are auto-generated with commitizen.
 | [aws_ebs_default_kms_key.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ebs_default_kms_key) | data source |
 | [aws_iam_roles.roles](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_roles) | data source |
 | [aws_iam_roles.sso_admins](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_roles) | data source |
+| [aws_iam_roles.view_arns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_roles) | data source |
 | [aws_kms_key.ebs_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kms_key) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 | [aws_subnet.subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source |

From dd16a444a8953309ba8f18df42b507ecbd71b62d Mon Sep 17 00:00:00 2001
From: "Matthew C. Morgan"
Date: Thu, 12 Sep 2024 11:16:34 -0400
Subject: [PATCH 4/4] =?UTF-8?q?=F0=9F=90=9B=20fix(access=5Fentries):=20use?=
 =?UTF-8?q?=20concat(tolist...=20instead=20of=20merge?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md | 15 ++++++++-------
 access_entries.tf | 2 +-
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index 5b25973..33aa2f4 100644
--- a/README.md
+++ b/README.md
@@ -85,11 +85,11 @@ Change logs are auto-generated with commitizen.
 | Name | Version |
 |------|---------|
-| [aws](#provider\_aws) | 5.66.0 |
-| [aws.route53\_main\_east](#provider\_aws.route53\_main\_east) | 5.66.0 |
-| [aws.route53\_main\_west](#provider\_aws.route53\_main\_west) | 5.66.0 |
-| [aws.self](#provider\_aws.self) | 5.66.0 |
-| [null](#provider\_null) | 3.2.2 |
+| [aws](#provider\_aws) | >= 5.14.0 |
+| [aws.route53\_main\_east](#provider\_aws.route53\_main\_east) | >= 5.14.0 |
+| [aws.route53\_main\_west](#provider\_aws.route53\_main\_west) | >= 5.14.0 |
+| [aws.self](#provider\_aws.self) | >= 5.14.0 |
+| [null](#provider\_null) | >= 3.2.1 |
 ## Modules
@@ -121,7 +121,8 @@ Change logs are auto-generated with commitizen.
 | [aws_ebs_default_kms_key.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ebs_default_kms_key) | data source |
 | [aws_iam_roles.roles](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_roles) | data source |
 | [aws_iam_roles.sso_admins](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_roles) | data source |
-| [aws_iam_roles.view_arns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_roles) | data source |
+| [aws_iam_roles.sso_read](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_roles) | data source |
+| [aws_iam_session_context.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_session_context) | data source |
 | [aws_kms_key.ebs_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kms_key) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 | [aws_subnet.subnets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source |
@@ -162,7 +163,7 @@ Change logs are auto-generated with commitizen.
 | Name | Description |
 |------|-------------|
-| [access\_entries](#output\_access\_entries) | the access entries created in the cluster |
+| [access\_entries](#output\_access\_entries) | The access\_entries object added to cluster |
 | [cloudwatch\_log\_group\_arn](#output\_cloudwatch\_log\_group\_arn) | Arn of cloudwatch log group created |
 | [cloudwatch\_log\_group\_name](#output\_cloudwatch\_log\_group\_name) | Name of cloudwatch log group created |
 | [cluster\_addons](#output\_cluster\_addons) | Map of attribute maps for all EKS cluster addons enabled |
diff --git a/access_entries.tf b/access_entries.tf
index 477eca7..d54c149 100644
--- a/access_entries.tf
+++ b/access_entries.tf
@@ -21,7 +21,7 @@ data "aws_iam_roles" "sso_read" {
 locals {
 access_entries = merge(local.admins, local.viewers)
- arns = [for arn in merge(data.aws_iam_roles.roles.arns, data.aws_iam_roles.sso_admins.arns) : arn if arn != data.aws_iam_session_context.current.issuer_arn]
+ arns = [for arn in concat(tolist(data.aws_iam_roles.roles.arns), tolist(data.aws_iam_roles.sso_admins.arns)) : arn if arn != data.aws_iam_session_context.current.issuer_arn]
 admins = {
 for arn in local.arns : arn => {