Access Entry for Windows managed node groups #2994
Comments
I think your configuration is incorrect. I can see at least two errors in what you have provided:
```hcl
module "eks" {
  source  = "terraform-aws-modules/eks/aws"
  version = "~> 20.8"

  # Add in other required arguments and values ...

  eks_managed_node_groups = {
    windows_2022 = {
      platform       = "windows"
      ami_type       = "WINDOWS_CORE_2022_x86_64"
      instance_types = ["m6i.large"]

      scaling_config = {
        min_size     = 1
        max_size     = 1
        desired_size = 1
      }

      taints = {
        windows-taint = {
          key    = "windows-node"
          value  = "true"
          effect = "NO_SCHEDULE"
        }
      }

      block_device_mappings = {
        sda1 = {
          device_name = "/dev/sda1",
          ebs         = { volume_size = 100 }
        }
      }
    }
  }
}
```
We have to set a specific AMI as only approved AMIs can run in our environment

OK, if that's the case you would still need to set

This issue has been automatically marked as stale because it has been open 30 days

This issue was automatically closed because of stale in 10 days

Description
When creating a Windows node group using the eks-managed-node-group sub module when Access Management control is set to API or API_AND_CONFIG_MAP, the access entry is created as EC2_LINUX.
This is true when using a custom launch template and ami_id.
AWS have confirmed this is the case and the entry for the managed node groups access entry would need to be configured manually/by code and not allow EKS to create this entry automatically.
Before you submit an issue, please perform the following first:
`.terraform` directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): `rm -rf .terraform/`
terraform init
Versions
Module version [Required]: 20.8.4
Terraform version: 1.7.5
provider registry.terraform.io/hashicorp/aws v5.42.0
provider registry.terraform.io/hashicorp/cloudinit v2.3.3
provider registry.terraform.io/hashicorp/kubernetes v2.20.0
provider registry.terraform.io/hashicorp/null v3.2.2
provider registry.terraform.io/hashicorp/template v2.2.0
provider registry.terraform.io/hashicorp/time v0.9.2
provider registry.terraform.io/hashicorp/tls v4.0.5
Reproduction Code [Required]
Steps to reproduce the behavior:
Terraform apply with the above Windows eks managed node group
Expected behavior
An IAM access entry with type EC2_WINDOWS
Actual behavior
An IAM access entry with type EC2_LINUX
Terminal Output Screenshot(s)
Additional context
This is a known issue when using custom templates, as confirmed by AWS support.
Adding an access entry object as part of the base module may fix this issue.
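
An audit check for the mismatch reported in this issue, added here as an example (it is not code from the module or from anyone in the thread): it compares the `type` field of `aws eks describe-access-entry` output with the platform each node group is expected to run. The inventory format, role names and account ID below are constructed assumptions.

```python
import json
from collections import defaultdict

# Access entry types named in the issue, keyed by node platform.
EXPECTED_TYPE = {"windows": "EC2_WINDOWS", "linux": "EC2_LINUX"}

def audit_access_entries(node_groups, describe_outputs):
    """Return (role_arn, problem) pairs for node roles whose access entry
    type does not match the platform of the node groups using that role.

    node_groups: operator-supplied inventory (hypothetical format), a list of
        {"name", "platform", "node_role_arn"} dicts.
    describe_outputs: JSON strings as printed by `aws eks describe-access-entry`.
    """
    actual = {}
    for raw in describe_outputs:
        entry = json.loads(raw)["accessEntry"]
        actual[entry["principalArn"]] = entry["type"]

    wanted = defaultdict(set)
    for group in node_groups:
        wanted[group["node_role_arn"]].add(EXPECTED_TYPE[group["platform"]])

    findings = []
    for role, types in sorted(wanted.items()):
        if len(types) > 1:
            # One access entry per principal, so one role cannot carry both types.
            findings.append((role, "role shared by Windows and Linux node groups"))
        elif role not in actual:
            findings.append((role, "no access entry found"))
        elif actual[role] not in types:
            (expected,) = types
            findings.append((role, f"type is {actual[role]}, expected {expected}"))
    return findings

# Constructed sample data: a Windows node role that received an EC2_LINUX entry.
WIN_ROLE = "arn:aws:iam::111122223333:role/windows-node"
LINUX_ROLE = "arn:aws:iam::111122223333:role/linux-node"
NODE_GROUPS = [
    {"name": "windows_2022", "platform": "windows", "node_role_arn": WIN_ROLE},
    {"name": "default", "platform": "linux", "node_role_arn": LINUX_ROLE},
]
DESCRIBE_OUTPUTS = [
    json.dumps({"accessEntry": {"principalArn": WIN_ROLE, "type": "EC2_LINUX"}}),
    json.dumps({"accessEntry": {"principalArn": LINUX_ROLE, "type": "EC2_LINUX"}}),
]

if __name__ == "__main__":
    for role, problem in audit_access_entries(NODE_GROUPS, DESCRIBE_OUTPUTS):
        print(f"{role}: {problem}")
```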