Fixes for Launch Templates (#361)

* Fixes for Launch Templates * update changelog * add outputs for 3 LT attributes
terraform-aws-modules · May 7, 2019 · 3ece32f · 3ece32f
1 parent 2b633a1
commit 3ece32f
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 5 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -16,6 +16,7 @@ project adheres to [Semantic Versioning](http://semver.org/).
 
 ### Changed
 
+ - 4 small changes to `aws_launch_template` resource (by @max-rocket-internet)
  - Add .prettierignore file (by @rothandrew)
  - Switch to https for the pre-commit repos (by @rothandrew)
  - Add instructions on how to enable the docker bridge network (by @rothandrew)

diff --git a/README.md b/README.md
@@ -171,12 +171,15 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | config\_map\_aws\_auth | A kubernetes configuration to authenticate to this EKS cluster. |
 | kubeconfig | kubectl config file contents for this EKS cluster. |
 | kubeconfig\_filename | The filename of the generated kubectl config. |
-| worker\_iam\_instance\_profile\_arns | default IAM instance profile ARNs for EKS worker group |
-| worker\_iam\_instance\_profile\_names | default IAM instance profile names for EKS worker group |
+| worker\_iam\_instance\_profile\_arns | default IAM instance profile ARN for EKS worker groups |
+| worker\_iam\_instance\_profile\_names | default IAM instance profile name for EKS worker groups |
 | worker\_iam\_role\_arn | default IAM role ARN for EKS worker groups |
 | worker\_iam\_role\_name | default IAM role name for EKS worker groups |
 | worker\_security\_group\_id | Security group ID attached to the EKS workers. |
 | workers\_asg\_arns | IDs of the autoscaling groups containing workers. |
 | workers\_asg\_names | Names of the autoscaling groups containing workers. |
+| workers\_launch\_template\_arns | ARNs of the worker launch templates. |
+| workers\_launch\_template\_ids | IDs of the worker launch templates. |
+| workers\_launch\_template\_latest\_versions | Latest versions of the worker launch templates. |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/local.tf b/local.tf
@@ -64,7 +64,7 @@ locals {
     root_volume_size                         = "100"                                         # root volume size of workers instances.
     root_volume_type                         = "gp2"                                         # root volume type of workers instances, can be 'standard', 'gp2', or 'io1'
     root_iops                                = "0"                                           # The amount of provisioned IOPS. This must be set with a volume_type of "io1".
-    root_encrypted                           = false                                         # root volume encryption for workers.
+    root_encrypted                           = ""                                            # root volume encryption for workers.
     kms_key_id                               = ""                                            # KMS key ID used for encrypted block device. ASG must have access to this key. If not specified, the default KMS key will be used.
     key_name                                 = ""                                            # The key name that should be used for the instances in the autoscaling group
     pre_userdata                             = ""                                            # userdata to pre-append to the default userdata.

diff --git a/outputs.tf b/outputs.tf
@@ -64,6 +64,21 @@ output "workers_asg_names" {
   value       = "${concat(aws_autoscaling_group.workers.*.id, aws_autoscaling_group.workers_launch_template.*.id)}"
 }
 
+output "workers_launch_template_ids" {
+  description = "IDs of the worker launch templates."
+  value       = "${aws_launch_template.workers_launch_template.*.id}"
+}
+
+output "workers_launch_template_arns" {
+  description = "ARNs of the worker launch templates."
+  value       = "${aws_launch_template.workers_launch_template.*.arn}"
+}
+
+output "workers_launch_template_latest_versions" {
+  description = "Latest versions of the worker launch templates."
+  value       = "${aws_launch_template.workers_launch_template.*.latest_version}"
+}
+
 output "worker_security_group_id" {
   description = "Security group ID attached to the EKS workers."
   value       = "${local.worker_security_group_id}"

diff --git a/workers_launch_template.tf b/workers_launch_template.tf
@@ -66,10 +66,15 @@ resource "aws_launch_template" "workers_launch_template" {
   network_interfaces {
     associate_public_ip_address = "${lookup(var.worker_groups_launch_template[count.index], "public_ip", local.workers_group_launch_template_defaults["public_ip"])}"
     delete_on_termination       = "${lookup(var.worker_groups_launch_template[count.index], "eni_delete", local.workers_group_launch_template_defaults["eni_delete"])}"
-    security_groups             = ["${local.worker_security_group_id}", "${var.worker_additional_security_group_ids}", "${compact(split(",",lookup(var.worker_groups_launch_template[count.index],"additional_security_group_ids", local.workers_group_launch_template_defaults["additional_security_group_ids"])))}"]
+
+    security_groups = [
+      "${local.worker_security_group_id}",
+      "${var.worker_additional_security_group_ids}",
+      "${compact(split(",",lookup(var.worker_groups_launch_template[count.index],"additional_security_group_ids", local.workers_group_launch_template_defaults["additional_security_group_ids"])))}",
+    ]
   }
 
-  iam_instance_profile = {
+  iam_instance_profile {
     name = "${element(aws_iam_instance_profile.workers_launch_template.*.name, count.index)}"
   }
 
@@ -106,6 +111,8 @@ resource "aws_launch_template" "workers_launch_template" {
       delete_on_termination = true
     }
   }
+
+  tags = "${var.tags}"
 }
 
 resource "aws_iam_instance_profile" "workers_launch_template" {