From a0f2bdcaa61d979cb0b036762226e35bc51aa88c Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Thu, 20 Mar 2025 19:42:37 -0400 Subject: [PATCH 01/19] update sg naming --- security_groups.tf | 8 -------- 1 file changed, 8 deletions(-) diff --git a/security_groups.tf b/security_groups.tf index e62c641..5fc9024 100644 --- a/security_groups.tf +++ b/security_groups.tf @@ -100,14 +100,6 @@ resource "aws_security_group" "extra_cluster_sg" { cidr_blocks = concat(var.census_private_cidr, ["10.0.0.0/8"]) } - # kubectl logs - ingress { - from_port = 10250 - to_port = 10250 - protocol = "tcp" - cidr_blocks = concat(var.census_private_cidr, ["10.0.0.0/8"]) - } - egress { from_port = 0 to_port = 0 From d17632e3383a0d47acb36d535b42f6271a6764f7 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Thu, 20 Mar 2025 20:28:11 -0400 Subject: [PATCH 02/19] enable private access --- main.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/main.tf b/main.tf index cf353f9..663db4b 100644 --- a/main.tf +++ b/main.tf @@ -44,6 +44,7 @@ module "cluster" { "controllerManager", "scheduler", ] + cloudwatch_log_group_retention_in_days = "14" vpc_id = local.vpc_id subnet_ids = local.subnets From b3bfa37f6a6aed34d5c93a9b7f86e0a2ab7e4937 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Thu, 20 Mar 2025 20:47:06 -0400 Subject: [PATCH 03/19] align with upstream --- security_groups.tf | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/security_groups.tf b/security_groups.tf index 5fc9024..e8449a3 100644 --- a/security_groups.tf +++ b/security_groups.tf @@ -10,7 +10,11 @@ resource "aws_security_group" "additional_eks_cluster_sg" { tags = merge( local.base_tags, var.tags, +<<<<<<< HEAD { "Name" = local.additional_eks_cluster_sg_name }, +======= + tomap({ "Name" = local.additional_eks_cluster_sg_name }), +>>>>>>> ddd6d64 (align with upstream) ) vpc_id = data.aws_vpc.eks_vpc.id @@ -100,6 +104,14 @@ resource "aws_security_group" "extra_cluster_sg" { cidr_blocks = concat(var.census_private_cidr, ["10.0.0.0/8"]) } + # kubectl logs + ingress { + from_port = 10250 + to_port = 10250 + protocol = "tcp" + cidr_blocks = concat(var.census_private_cidr, ["10.0.0.0/8"]) + } + egress { from_port = 0 to_port = 0 From f108b142e0f6bb650e18ebc99b6a9c2ee540e8a2 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Thu, 20 Mar 2025 21:43:01 -0400 Subject: [PATCH 04/19] set support to standard --- main.tf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/main.tf b/main.tf index 663db4b..788ffa1 100644 --- a/main.tf +++ b/main.tf @@ -45,6 +45,9 @@ module "cluster" { "scheduler", ] cloudwatch_log_group_retention_in_days = "14" + upgrade_policy = { + support_type = "STANDARD" + } vpc_id = local.vpc_id subnet_ids = local.subnets From f8698f051bfb15439dd34b758f94d9897b0ed228 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Thu, 20 Mar 2025 21:44:58 -0400 Subject: [PATCH 05/19] syntax --- main.tf | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/main.tf b/main.tf index 788ffa1..3d19787 100644 --- a/main.tf +++ b/main.tf @@ -45,10 +45,9 @@ module "cluster" { "scheduler", ] cloudwatch_log_group_retention_in_days = "14" - upgrade_policy = { + upgrade_policy { support_type = "STANDARD" } - vpc_id = local.vpc_id subnet_ids = local.subnets From 0ca898a17fbaca79213bdc2a517be380db766e66 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Thu, 20 Mar 2025 21:47:37 -0400 Subject: [PATCH 06/19] fmt --- main.tf | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/main.tf b/main.tf index 3d19787..663db4b 100644 --- a/main.tf +++ b/main.tf @@ -45,9 +45,7 @@ module "cluster" { "scheduler", ] cloudwatch_log_group_retention_in_days = "14" - upgrade_policy { - support_type = "STANDARD" - } + vpc_id = local.vpc_id subnet_ids = local.subnets From 1ca21becb90636c1fcac52648be0f658a0ce6516 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Thu, 20 Mar 2025 22:29:46 -0400 Subject: [PATCH 07/19] try arm --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 663db4b..32abadc 100644 --- a/main.tf +++ b/main.tf @@ -81,7 +81,7 @@ module "cluster" { } eks_managed_node_group_defaults = { - ami_type = "BOTTLEROCKET_x86_64" + ami_type = "BOTTLEROCKET_ARM_64_FIPS" } node_security_group_enable_recommended_rules = true From 45b0ef26fc879792873aaa88776f44b063ddd0ba Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Thu, 20 Mar 2025 22:31:17 -0400 Subject: [PATCH 08/19] not fips --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 32abadc..752d3c2 100644 --- a/main.tf +++ b/main.tf @@ -81,7 +81,7 @@ module "cluster" { } eks_managed_node_group_defaults = { - ami_type = "BOTTLEROCKET_ARM_64_FIPS" + ami_type = "BOTTLEROCKET_ARM_64" } node_security_group_enable_recommended_rules = true From 04929fd204ec662ea88a153e6297e149de274a66 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Fri, 21 Mar 2025 14:29:25 -0400 Subject: [PATCH 09/19] not arm --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 752d3c2..663db4b 100644 --- a/main.tf +++ b/main.tf @@ -81,7 +81,7 @@ module "cluster" { } eks_managed_node_group_defaults = { - ami_type = "BOTTLEROCKET_ARM_64" + ami_type = "BOTTLEROCKET_x86_64" } node_security_group_enable_recommended_rules = true From 9829abe80a81e55d01982d4d5b13c954eb66001c Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Fri, 21 Mar 2025 18:29:14 -0400 Subject: [PATCH 10/19] sort --- main.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/main.tf b/main.tf index 663db4b..cf353f9 100644 --- a/main.tf +++ b/main.tf @@ -44,7 +44,6 @@ module "cluster" { "controllerManager", "scheduler", ] - cloudwatch_log_group_retention_in_days = "14" vpc_id = local.vpc_id subnet_ids = local.subnets From 58db4dfd719b80b6e63885fe202f7791d2e4b00a Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Tue, 1 Apr 2025 16:04:51 -0400 Subject: [PATCH 11/19] try new addons --- main.tf | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/main.tf b/main.tf index cf353f9..927b849 100644 --- a/main.tf +++ b/main.tf @@ -61,15 +61,30 @@ module "cluster" { most_recent = true service_account_role_arn = module.efs_csi_irsa_role.iam_role_arn } + cert-manager = { + most_recent = true + } coredns = { most_recent = true } eks-pod-identity-agent = { most_recent = true } + external-dns = { + most_recent = true + } kube-proxy = { most_recent = true } + kube-state-metrics = { + most_recent = true + } + metrics-server = { + most_recent = true + } + prometheus-node-exporter = { + most_recent = true + } snapshot-controller = { most_recent = true } From a9123f900a164b398bd8cd6af89f023b6eec6a8c Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Tue, 1 Apr 2025 16:57:17 -0400 Subject: [PATCH 12/19] tehse addons don't work --- main.tf | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/main.tf b/main.tf index 927b849..cf353f9 100644 --- a/main.tf +++ b/main.tf @@ -61,30 +61,15 @@ module "cluster" { most_recent = true service_account_role_arn = module.efs_csi_irsa_role.iam_role_arn } - cert-manager = { - most_recent = true - } coredns = { most_recent = true } eks-pod-identity-agent = { most_recent = true } - external-dns = { - most_recent = true - } kube-proxy = { most_recent = true } - kube-state-metrics = { - most_recent = true - } - metrics-server = { - most_recent = true - } - prometheus-node-exporter = { - most_recent = true - } snapshot-controller = { most_recent = true } From 8d1fa755ed5fd46cddf29021e222ff48416e9983 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Tue, 1 Apr 2025 17:37:51 -0400 Subject: [PATCH 13/19] remove extra tomap()s --- security_groups.tf | 4 ---- 1 file changed, 4 deletions(-) diff --git a/security_groups.tf b/security_groups.tf index e8449a3..e62c641 100644 --- a/security_groups.tf +++ b/security_groups.tf @@ -10,11 +10,7 @@ resource "aws_security_group" "additional_eks_cluster_sg" { tags = merge( local.base_tags, var.tags, -<<<<<<< HEAD { "Name" = local.additional_eks_cluster_sg_name }, -======= - tomap({ "Name" = local.additional_eks_cluster_sg_name }), ->>>>>>> ddd6d64 (align with upstream) ) vpc_id = data.aws_vpc.eks_vpc.id From 783870a20bb65a3e28f60480edc946df5783bbdf Mon Sep 17 00:00:00 2001 From: Matthew Creal Morgan Date: Tue, 1 Apr 2025 20:11:12 -0700 Subject: [PATCH 14/19] Update terraform-release.yaml --- .github/workflows/terraform-release.yaml | 24 +----------------------- 1 file changed, 1 insertion(+), 23 deletions(-) diff --git a/.github/workflows/terraform-release.yaml b/.github/workflows/terraform-release.yaml index 90910bc..6bdff7e 100644 --- a/.github/workflows/terraform-release.yaml +++ b/.github/workflows/terraform-release.yaml @@ -18,7 +18,7 @@ jobs: - name: Setup Terraform uses: CSVD/gh-actions-setup-terraform@v3 with: - terraform_version: "1.9.1" + terraform_version: "1.10.5" - name: Setup GITHUB Credentials id: github_credentials @@ -28,28 +28,6 @@ jobs: github_app_installation_id: ${{ vars.GH_APP_INSTALLATION_ID }} github_app_id: ${{ vars.GH_APP_ID }} - - - name: Debug Authentication - run: | - # Print the GitHub server URL - echo "GitHub Server URL: ${{ github.server_url }}" - - # Extract the host from the URL - HOST="${{ github.server_url }}" - HOST="${HOST#*//}" - HOST="${HOST%%/*}" - echo "GitHub Host: $HOST" - - # Check if token exists - if [[ -n "${{ steps.github_credentials.outputs.github_token }}" ]]; then - echo "Token generated successfully" - # Test the token with a simple GitHub API call (without exposing the token) - STATUS=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Bearer ${{ steps.github_credentials.outputs.github_token }}" "${{ github.server_url }}/api/v3/user") - echo "API Test Status Code: $STATUS" - else - echo "No token was generated!" - fi - - name: Setup GitHub CLI run: | # Force manual authentication since setup-git might not work with GitHub Enterprise From 6f340759e4ec745ad858214421139493ec7787a2 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Wed, 2 Apr 2025 15:14:11 -0400 Subject: [PATCH 15/19] update missed sources to update --- .pre-commit-config.yaml | 4 ++-- README.md | 8 ++++---- irsa_roles.tf | 20 ++++++++++++-------- 3 files changed, 18 insertions(+), 14 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index ef52d70..8244dbb 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -37,7 +37,7 @@ repos: # Terraform Hooks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.97.3 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases + rev: v1.98.0 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases hooks: - id: terraform_fmt args: @@ -94,6 +94,6 @@ repos: # - --hook-config=--parallelism-ci-cpu-cores=2 - repo: https://github.com/ljnsn/cz-conventional-gitmoji - rev: v0.6.1 + rev: v0.7.0 hooks: - id: conventional-gitmoji diff --git a/README.md b/README.md index c9da336..c38cb74 100644 --- a/README.md +++ b/README.md @@ -110,11 +110,11 @@ efs-csi-controller 0 5m | Name | Source | Version | |------|--------|---------| -| [cloudwatch\_observability\_irsa\_role](#module\_cloudwatch\_observability\_irsa\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [cloudwatch\_observability\_irsa\_role](#module\_cloudwatch\_observability\_irsa\_role) | git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a | | [cluster](#module\_cluster) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-eks/ | v20.35.0 | -| [ebs\_csi\_irsa\_role](#module\_ebs\_csi\_irsa\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a | -| [efs\_csi\_irsa\_role](#module\_efs\_csi\_irsa\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a | -| [vpc\_cni\_irsa\_role](#module\_vpc\_cni\_irsa\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [ebs\_csi\_irsa\_role](#module\_ebs\_csi\_irsa\_role) | git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [efs\_csi\_irsa\_role](#module\_efs\_csi\_irsa\_role) | git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [vpc\_cni\_irsa\_role](#module\_vpc\_cni\_irsa\_role) | git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a | ## Resources diff --git a/irsa_roles.tf b/irsa_roles.tf index ee75c98..5cc9c7e 100644 --- a/irsa_roles.tf +++ b/irsa_roles.tf @@ -1,6 +1,7 @@ -# tflint-ignore: terraform_module_version module "vpc_cni_irsa_role" { - source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" + # tflint-ignore: terraform_module_version + # tflint-ignore: terraform_module_pinned_source + source = "git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "vpc-cni") @@ -16,9 +17,10 @@ module "vpc_cni_irsa_role" { tags = local.tags } -# tflint-ignore: terraform_module_version module "ebs_csi_irsa_role" { - source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" + # tflint-ignore: terraform_module_version + # tflint-ignore: terraform_module_pinned_source + source = "git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "ebs-csi-driver") attach_ebs_csi_policy = true @@ -32,9 +34,10 @@ module "ebs_csi_irsa_role" { tags = local.tags } -# tflint-ignore: terraform_module_version module "efs_csi_irsa_role" { - source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" + # tflint-ignore: terraform_module_version + # tflint-ignore: terraform_module_pinned_source + source = "git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "efs-csi-driver") attach_efs_csi_policy = true @@ -48,9 +51,10 @@ module "efs_csi_irsa_role" { tags = local.tags } -# tflint-ignore: terraform_module_version module "cloudwatch_observability_irsa_role" { - source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" + # tflint-ignore: terraform_module_version + # tflint-ignore: terraform_module_pinned_source + source = "git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "cloudwatch-observability") attach_cloudwatch_observability_policy = true From 0e4d40c3eaa657d1aa1583b8cc469c69d1ce66c9 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Wed, 2 Apr 2025 15:22:31 -0400 Subject: [PATCH 16/19] update notes in readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c38cb74..ba5dd8b 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ The following addons are automatically installed and configured: ```hcl module "eks" { - source = "https://github.e.it.census.gov/SCT-Engineering/terraform-aws-eks.git?ref=v20.35.0" + source = "git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-eks.git?ref=v20.35.0" cluster_name = "my-cluster" cluster_version = "1.28" From 79b29ae52fd5583ff70134b28d868f08f3a44304 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Wed, 2 Apr 2025 16:02:38 -0400 Subject: [PATCH 17/19] update source strings --- README.md | 8 ++++---- irsa_roles.tf | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index ba5dd8b..f70d6b3 100644 --- a/README.md +++ b/README.md @@ -110,11 +110,11 @@ efs-csi-controller 0 5m | Name | Source | Version | |------|--------|---------| -| [cloudwatch\_observability\_irsa\_role](#module\_cloudwatch\_observability\_irsa\_role) | git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [cloudwatch\_observability\_irsa\_role](#module\_cloudwatch\_observability\_irsa\_role) | git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | | [cluster](#module\_cluster) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-eks/ | v20.35.0 | -| [ebs\_csi\_irsa\_role](#module\_ebs\_csi\_irsa\_role) | git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a | -| [efs\_csi\_irsa\_role](#module\_efs\_csi\_irsa\_role) | git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a | -| [vpc\_cni\_irsa\_role](#module\_vpc\_cni\_irsa\_role) | git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [ebs\_csi\_irsa\_role](#module\_ebs\_csi\_irsa\_role) | git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [efs\_csi\_irsa\_role](#module\_efs\_csi\_irsa\_role) | git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [vpc\_cni\_irsa\_role](#module\_vpc\_cni\_irsa\_role) | git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | ## Resources diff --git a/irsa_roles.tf b/irsa_roles.tf index 5cc9c7e..7c3bcde 100644 --- a/irsa_roles.tf +++ b/irsa_roles.tf @@ -1,7 +1,7 @@ module "vpc_cni_irsa_role" { # tflint-ignore: terraform_module_version # tflint-ignore: terraform_module_pinned_source - source = "git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" + source = "git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "vpc-cni") @@ -20,7 +20,7 @@ module "vpc_cni_irsa_role" { module "ebs_csi_irsa_role" { # tflint-ignore: terraform_module_version # tflint-ignore: terraform_module_pinned_source - source = "git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" + source = "git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "ebs-csi-driver") attach_ebs_csi_policy = true @@ -37,7 +37,7 @@ module "ebs_csi_irsa_role" { module "efs_csi_irsa_role" { # tflint-ignore: terraform_module_version # tflint-ignore: terraform_module_pinned_source - source = "git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" + source = "git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "efs-csi-driver") attach_efs_csi_policy = true @@ -54,7 +54,7 @@ module "efs_csi_irsa_role" { module "cloudwatch_observability_irsa_role" { # tflint-ignore: terraform_module_version # tflint-ignore: terraform_module_pinned_source - source = "git::https://github.com/terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" + source = "git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "cloudwatch-observability") attach_cloudwatch_observability_policy = true From b80c3a368f17ef349632a7569c841348f4d0df93 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Wed, 2 Apr 2025 16:04:56 -0400 Subject: [PATCH 18/19] fix source --- README.md | 8 ++++---- irsa_roles.tf | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index f70d6b3..25d46d1 100644 --- a/README.md +++ b/README.md @@ -110,11 +110,11 @@ efs-csi-controller 0 5m | Name | Source | Version | |------|--------|---------| -| [cloudwatch\_observability\_irsa\_role](#module\_cloudwatch\_observability\_irsa\_role) | git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [cloudwatch\_observability\_irsa\_role](#module\_cloudwatch\_observability\_irsa\_role) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | | [cluster](#module\_cluster) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-eks/ | v20.35.0 | -| [ebs\_csi\_irsa\_role](#module\_ebs\_csi\_irsa\_role) | git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | -| [efs\_csi\_irsa\_role](#module\_efs\_csi\_irsa\_role) | git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | -| [vpc\_cni\_irsa\_role](#module\_vpc\_cni\_irsa\_role) | git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [ebs\_csi\_irsa\_role](#module\_ebs\_csi\_irsa\_role) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [efs\_csi\_irsa\_role](#module\_efs\_csi\_irsa\_role) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [vpc\_cni\_irsa\_role](#module\_vpc\_cni\_irsa\_role) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | ## Resources diff --git a/irsa_roles.tf b/irsa_roles.tf index 7c3bcde..5cb307f 100644 --- a/irsa_roles.tf +++ b/irsa_roles.tf @@ -1,7 +1,7 @@ module "vpc_cni_irsa_role" { # tflint-ignore: terraform_module_version # tflint-ignore: terraform_module_pinned_source - source = "git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" + source = "git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "vpc-cni") @@ -20,7 +20,7 @@ module "vpc_cni_irsa_role" { module "ebs_csi_irsa_role" { # tflint-ignore: terraform_module_version # tflint-ignore: terraform_module_pinned_source - source = "git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" + source = "git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "ebs-csi-driver") attach_ebs_csi_policy = true @@ -37,7 +37,7 @@ module "ebs_csi_irsa_role" { module "efs_csi_irsa_role" { # tflint-ignore: terraform_module_version # tflint-ignore: terraform_module_pinned_source - source = "git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" + source = "git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "efs-csi-driver") attach_efs_csi_policy = true @@ -54,7 +54,7 @@ module "efs_csi_irsa_role" { module "cloudwatch_observability_irsa_role" { # tflint-ignore: terraform_module_version # tflint-ignore: terraform_module_pinned_source - source = "git::https://github.e.it.census.gov/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" + source = "git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "cloudwatch-observability") attach_cloudwatch_observability_policy = true From 6cd4dde7a29e1ca7c1cca6b2cc6a2c345cb87a00 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Wed, 2 Apr 2025 16:08:44 -0400 Subject: [PATCH 19/19] remove aws from source path --- README.md | 8 ++++---- irsa_roles.tf | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 25d46d1..ef22a3a 100644 --- a/README.md +++ b/README.md @@ -110,11 +110,11 @@ efs-csi-controller 0 5m | Name | Source | Version | |------|--------|---------| -| [cloudwatch\_observability\_irsa\_role](#module\_cloudwatch\_observability\_irsa\_role) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [cloudwatch\_observability\_irsa\_role](#module\_cloudwatch\_observability\_irsa\_role) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam//modules/iam-role-for-service-accounts-eks | n/a | | [cluster](#module\_cluster) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-eks/ | v20.35.0 | -| [ebs\_csi\_irsa\_role](#module\_ebs\_csi\_irsa\_role) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | -| [efs\_csi\_irsa\_role](#module\_efs\_csi\_irsa\_role) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | -| [vpc\_cni\_irsa\_role](#module\_vpc\_cni\_irsa\_role) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks | n/a | +| [ebs\_csi\_irsa\_role](#module\_ebs\_csi\_irsa\_role) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam//modules/iam-role-for-service-accounts-eks | n/a | +| [efs\_csi\_irsa\_role](#module\_efs\_csi\_irsa\_role) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam//modules/iam-role-for-service-accounts-eks | n/a | +| [vpc\_cni\_irsa\_role](#module\_vpc\_cni\_irsa\_role) | git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam//modules/iam-role-for-service-accounts-eks | n/a | ## Resources diff --git a/irsa_roles.tf b/irsa_roles.tf index 5cb307f..9d06500 100644 --- a/irsa_roles.tf +++ b/irsa_roles.tf @@ -1,7 +1,7 @@ module "vpc_cni_irsa_role" { # tflint-ignore: terraform_module_version # tflint-ignore: terraform_module_pinned_source - source = "git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" + source = "git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "vpc-cni") @@ -20,7 +20,7 @@ module "vpc_cni_irsa_role" { module "ebs_csi_irsa_role" { # tflint-ignore: terraform_module_version # tflint-ignore: terraform_module_pinned_source - source = "git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" + source = "git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "ebs-csi-driver") attach_ebs_csi_policy = true @@ -37,7 +37,7 @@ module "ebs_csi_irsa_role" { module "efs_csi_irsa_role" { # tflint-ignore: terraform_module_version # tflint-ignore: terraform_module_pinned_source - source = "git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" + source = "git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "efs-csi-driver") attach_efs_csi_policy = true @@ -54,7 +54,7 @@ module "efs_csi_irsa_role" { module "cloudwatch_observability_irsa_role" { # tflint-ignore: terraform_module_version # tflint-ignore: terraform_module_pinned_source - source = "git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam/aws//modules/iam-role-for-service-accounts-eks" + source = "git::https://github.e.it.census.gov/SCT-Engineering/terraform-aws-iam//modules/iam-role-for-service-accounts-eks" role_name = format("%v%v-%v", local.prefixes["eks-role"], var.cluster_name, "cloudwatch-observability") attach_cloudwatch_observability_policy = true