xpk/terraform.examples
SHA256
1
0
Fork 0
Code Pull Requests Activity

feat: added preserve=false to eks addons. which is crutial to prevent residual resources

Browse Source
This commit is contained in:
xpk
2026-04-02 17:31:33 +08:00
parent 36036bb6f5
commit 998636f079
2 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
EksIp6Nginxpod/main.tf
+2
View File
@@ -184,10 +184,12 @@ module "eks" {
addons = { addons = {
coredns = {} coredns = {}
eks-pod-identity-agent = { eks-pod-identity-agent = {
preserve = false
before_compute = true before_compute = true
} }
kube-proxy = {} kube-proxy = {}
aws-ebs-csi-driver = { aws-ebs-csi-driver = {
preserve = false
pod_identity_association = [{ pod_identity_association = [{
role_arn = module.CsiPodIdentity.role-arn role_arn = module.CsiPodIdentity.role-arn
service_account = "ebs-csi-controller-sa" service_account = "ebs-csi-controller-sa"
modules/security_identity_compliance/iam-role-v2/main.tf
+1 -1
View File
@@ -49,7 +49,7 @@ resource "aws_iam_role_policy_attachment" "pa" {
policy_arn = each.value.arn policy_arn = each.value.arn
} }
resource "aws_iam_role_policy_attachment" "CsiPodIdentity" { resource "aws_iam_role_policy_attachment" "mp-attachments" {
for_each = toset(var.attach-managed-policies) for_each = toset(var.attach-managed-policies)
role = aws_iam_role.r.name role = aws_iam_role.r.name
policy_arn = each.value policy_arn = each.value