Skip to content

Commit

Permalink
Merge pull request hashicorp#40415 from bryantbiggs/aws_eks_cluster/a…
Browse files Browse the repository at this point in the history
…uto-mode-opt-in

r/aws_eks_cluster: Fix enablement of EKS Auto Mode on existing clusters without forcing re-creation
  • Loading branch information
gdavison authored Dec 6, 2024
2 parents f382471 + 24b950d commit 05c76fd
Show file tree
Hide file tree
Showing 2 changed files with 292 additions and 70 deletions.
41 changes: 32 additions & 9 deletions internal/service/eks/cluster.go
Original file line number Diff line number Diff line change
Expand Up @@ -54,11 +54,34 @@ func resourceCluster() *schema.Resource {

CustomizeDiff: customdiff.Sequence(
verify.SetTagsDiff,
validateAutoModeCustsomizeDiff,
customdiff.ForceNewIfChange("encryption_config", func(_ context.Context, old, new, meta interface{}) bool {
validateAutoModeCustomizeDiff,
customdiff.ForceNewIfChange("encryption_config", func(_ context.Context, old, new, meta any) bool {
// You cannot disable envelope encryption after enabling it. This action is irreversible.
return len(old.([]interface{})) == 1 && len(new.([]interface{})) == 0
return len(old.([]any)) == 1 && len(new.([]any)) == 0
}),
func(ctx context.Context, rd *schema.ResourceDiff, meta any) error {
if rd.Id() == "" {
return nil
}
oldValue, newValue := rd.GetChange("compute_config")

oldComputeConfig := expandComputeConfigRequest(oldValue.([]any))
newComputeConfig := expandComputeConfigRequest(newValue.([]any))

if newComputeConfig == nil || oldComputeConfig == nil {
return nil
}

oldRoleARN := aws.ToString(oldComputeConfig.NodeRoleArn)
newRoleARN := aws.ToString(newComputeConfig.NodeRoleArn)

if oldRoleARN != newRoleARN {
if err := rd.ForceNew("compute_config.0.node_role_arn"); err != nil {
return err
}
}
return nil
},
),

Timeouts: &schema.ResourceTimeout{
Expand Down Expand Up @@ -136,7 +159,6 @@ func resourceCluster() *schema.Resource {
"node_role_arn": {
Type: schema.TypeString,
Optional: true,
ForceNew: true,
ValidateFunc: verify.ValidARN,
},
},
Expand Down Expand Up @@ -1032,10 +1054,11 @@ func waitClusterCreated(ctx context.Context, conn *eks.Client, name string, time

func waitClusterDeleted(ctx context.Context, conn *eks.Client, name string, timeout time.Duration) (*types.Cluster, error) {
stateConf := &retry.StateChangeConf{
Pending: enum.Slice(types.ClusterStatusActive, types.ClusterStatusDeleting),
Target: []string{},
Refresh: statusCluster(ctx, conn, name),
Timeout: timeout,
Pending: enum.Slice(types.ClusterStatusActive, types.ClusterStatusDeleting),
Target: []string{},
Refresh: statusCluster(ctx, conn, name),
Timeout: timeout,
MinTimeout: 10 * time.Second,
// An attempt to avoid "ResourceInUseException: Cluster already exists with name: ..." errors
// in acceptance tests when recreating a cluster with the same randomly generated name.
ContinuousTargetOccurence: 3,
Expand Down Expand Up @@ -1750,7 +1773,7 @@ func flattenZonalShiftConfig(apiObject *types.ZonalShiftConfigResponse) []interf

// InvalidParameterException: For EKS Auto Mode, please ensure that all required configs,
// including computeConfig, kubernetesNetworkConfig, and blockStorage are all either fully enabled or fully disabled.
func validateAutoModeCustsomizeDiff(_ context.Context, d *schema.ResourceDiff, _ any) error {
func validateAutoModeCustomizeDiff(_ context.Context, d *schema.ResourceDiff, _ any) error {
if d.HasChanges("compute_config", "kubernetes_network_config", "storage_config") {
computeConfig := expandComputeConfigRequest(d.Get("compute_config").([]interface{}))
kubernetesNetworkConfig := expandKubernetesNetworkConfigRequest(d.Get("kubernetes_network_config").([]interface{}))
Expand Down
Loading

0 comments on commit 05c76fd

Please sign in to comment.