Skip to content

Commit

Permalink
fix: Correct cluster autoscaler version typo, use (correct) static se…
Browse files Browse the repository at this point in the history
…rvice principal DNS suffix
  • Loading branch information
bryantbiggs committed Mar 15, 2024
1 parent f28ce28 commit 13f80b9
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 11 deletions.
2 changes: 1 addition & 1 deletion .pre-commit-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ repos:
- id: detect-aws-credentials
args: ['--allow-missing-credentials']
- repo: https://github.com/antonbabenko/pre-commit-terraform
rev: v1.88.0
rev: v1.88.2
hooks:
- id: terraform_fmt
- id: terraform_docs
Expand Down
19 changes: 9 additions & 10 deletions main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@ resource "time_sleep" "this" {

locals {
account_id = data.aws_caller_identity.current.account_id
dns_suffix = data.aws_partition.current.dns_suffix
partition = data.aws_partition.current.partition
region = data.aws_region.current.name

Expand Down Expand Up @@ -990,7 +989,7 @@ data "aws_iam_policy_document" "aws_fsx_csi_driver" {

statement {
sid = "AllowCreateServiceLinkedRoles"
resources = ["arn:${local.partition}:iam::*:role/aws-service-role/s3.data-source.lustre.fsx.${local.dns_suffix}/*"]
resources = ["arn:${local.partition}:iam::*:role/aws-service-role/s3.data-source.lustre.fsx.${data.aws_partition.current.dns_suffix}/*"]

actions = [
"iam:CreateServiceLinkedRole",
Expand All @@ -1007,7 +1006,7 @@ data "aws_iam_policy_document" "aws_fsx_csi_driver" {
condition {
test = "StringLike"
variable = "iam:AWSServiceName"
values = ["fsx.${local.dns_suffix}"]
values = ["fsx.amazonaws.com"]
}
}

Expand Down Expand Up @@ -1153,7 +1152,7 @@ data "aws_iam_policy_document" "aws_load_balancer_controller" {
condition {
test = "StringEquals"
variable = "iam:AWSServiceName"
values = ["elasticloadbalancing.${local.dns_suffix}"]
values = ["elasticloadbalancing.amazonaws.com"]
}
}

Expand Down Expand Up @@ -1531,8 +1530,8 @@ module "aws_node_termination_handler_sqs" {
{
type = "Service"
identifiers = [
"events.${local.dns_suffix}",
"sqs.${local.dns_suffix}",
"events.amazonaws.com",
"sqs.amazonaws.com",
]
}
]
Expand Down Expand Up @@ -1965,7 +1964,7 @@ locals {
"1.26" = "v1.26.6"
"1.27" = "v1.27.5"
"1.28" = "v1.28.2"
"1.29" = "v1.20.0"
"1.29" = "v1.29.0"
}
}

Expand Down Expand Up @@ -2909,8 +2908,8 @@ module "karpenter_sqs" {
{
type = "Service"
identifiers = [
"events.${local.dns_suffix}",
"sqs.${local.dns_suffix}",
"events.amazonaws.com",
"sqs.amazonaws.com",
]
}
]
Expand Down Expand Up @@ -2950,7 +2949,7 @@ data "aws_iam_policy_document" "karpenter_assume_role" {

principals {
type = "Service"
identifiers = ["ec2.${local.dns_suffix}"]
identifiers = ["ec2.amazonaws.com"]
}
}
}
Expand Down

0 comments on commit 13f80b9

Please sign in to comment.