From c0410e7ca3761eaeb59c2997ad30c333d1851f7c Mon Sep 17 00:00:00 2001
From: Roman Ryzhyi <ryzhyi.r@ajax.systems>
Date: Mon, 18 Nov 2024 09:47:38 +0200
Subject: [PATCH 1/3] Add variable for disabling dynamic outputs

---
 outputs.tf   | 4 ++--
 variables.tf | 6 ++++++
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/outputs.tf b/outputs.tf
index 0bd2d10f4e..92437e90a2 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -68,7 +68,7 @@ output "cluster_version" {
 
 output "cluster_platform_version" {
   description = "Platform version for the cluster"
-  value       = try(aws_eks_cluster.this[0].platform_version, null)
+  value       = var.disable_dynamic_outputs ? try(aws_eks_cluster.this[0].platform_version, null) : null
 }
 
 output "cluster_status" {
@@ -196,7 +196,7 @@ output "cluster_iam_role_unique_id" {
 
 output "cluster_addons" {
   description = "Map of attribute maps for all EKS cluster addons enabled"
-  value       = merge(aws_eks_addon.this, aws_eks_addon.before_compute)
+  value       = var.disable_dynamic_outputs ? merge(aws_eks_addon.this, aws_eks_addon.before_compute) : null
 }
 
 ################################################################################
diff --git a/variables.tf b/variables.tf
index 7a7226b96a..da2085be77 100644
--- a/variables.tf
+++ b/variables.tf
@@ -16,6 +16,12 @@ variable "prefix_separator" {
   default     = "-"
 }
 
+variable "disable_dynamic_outputs" {
+  description = "Disable outputs for resource attributes that AWS can modify, preventing state drift"
+  type        = bool
+  default     = false
+}
+
 ################################################################################
 # Cluster
 ################################################################################

From 85c19e3538eb060b6b087f629566d8b45067b929 Mon Sep 17 00:00:00 2001
From: Roman Ryzhyi <ryzhyi.r@ajax.systems>
Date: Mon, 18 Nov 2024 10:00:25 +0200
Subject: [PATCH 2/3] Update docs

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 5a074b966d..e94f11c349 100644
--- a/README.md
+++ b/README.md
@@ -279,6 +279,7 @@ We are grateful to the community for contributing bugfixes and improvements! Ple
 | <a name="input_create_node_security_group"></a> [create\_node\_security\_group](#input\_create\_node\_security\_group) | Determines whether to create a security group for the node groups or use the existing `node_security_group_id` | `bool` | `true` | no |
 | <a name="input_custom_oidc_thumbprints"></a> [custom\_oidc\_thumbprints](#input\_custom\_oidc\_thumbprints) | Additional list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s) | `list(string)` | `[]` | no |
 | <a name="input_dataplane_wait_duration"></a> [dataplane\_wait\_duration](#input\_dataplane\_wait\_duration) | Duration to wait after the EKS cluster has become active before creating the dataplane components (EKS managed node group(s), self-managed node group(s), Fargate profile(s)) | `string` | `"30s"` | no |
+| <a name="input_disable_dynamic_outputs"></a> [disable\_dynamic\_outputs](#input\_disable\_dynamic\_outputs) | Disable outputs for resource attributes that AWS can modify, preventing state drift | `bool` | `false` | no |
 | <a name="input_eks_managed_node_group_defaults"></a> [eks\_managed\_node\_group\_defaults](#input\_eks\_managed\_node\_group\_defaults) | Map of EKS managed node group default configurations | `any` | `{}` | no |
 | <a name="input_eks_managed_node_groups"></a> [eks\_managed\_node\_groups](#input\_eks\_managed\_node\_groups) | Map of EKS managed node group definitions to create | `any` | `{}` | no |
 | <a name="input_enable_cluster_creator_admin_permissions"></a> [enable\_cluster\_creator\_admin\_permissions](#input\_enable\_cluster\_creator\_admin\_permissions) | Indicates whether or not to add the cluster creator (the identity used by Terraform) as an administrator via access entry | `bool` | `false` | no |

From 305652db3d6c1e35398120d6a215a9284b10db75 Mon Sep 17 00:00:00 2001
From: Roman Ryzhyi <ryzhyi.r@ajax.systems>
Date: Mon, 18 Nov 2024 10:11:21 +0200
Subject: [PATCH 3/3] Add variable for disabling dynamic outputs

---
 outputs.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/outputs.tf b/outputs.tf
index 92437e90a2..4f86965667 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -68,7 +68,7 @@ output "cluster_version" {
 
 output "cluster_platform_version" {
   description = "Platform version for the cluster"
-  value       = var.disable_dynamic_outputs ? try(aws_eks_cluster.this[0].platform_version, null) : null
+  value       = var.disable_dynamic_outputs ? null : try(aws_eks_cluster.this[0].platform_version, null)
 }
 
 output "cluster_status" {
@@ -196,7 +196,7 @@ output "cluster_iam_role_unique_id" {
 
 output "cluster_addons" {
   description = "Map of attribute maps for all EKS cluster addons enabled"
-  value       = var.disable_dynamic_outputs ? merge(aws_eks_addon.this, aws_eks_addon.before_compute) : null
+  value       = var.disable_dynamic_outputs ? null : merge(aws_eks_addon.this, aws_eks_addon.before_compute)
 }
 
 ################################################################################