Created
August 22, 2019 15:04
-
-
Save rekahsoft/b6cafe77e5834005491d2e317ddd17e2 to your computer and use it in GitHub Desktop.
Terraform plan/apply error 2019-08-22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| eks-cookiecutter/eks-example/eks-cluster-setup on master [$!+?] using ☁️ devops-sandbox at ☸️ arn:aws:eks:us-west-2:xxxxxxxxxxxx:cluster/eks-example took 28s | |
| ➜ terraform plan --var-file=default.tfvars | |
| Acquiring state lock. This may take a few moments... | |
| Refreshing Terraform state in-memory prior to plan... | |
| The refreshed state will be used to calculate this plan, but will not be | |
| persisted to local or remote state storage. | |
| module.eks_kubernetes_dashboard.data.template_file.kubernetes_dashboard_values[0]: Refreshing state... | |
| data.terraform_remote_state.eks_cluster: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_caller_identity.current: Refreshing state... | |
| module.cluster_autoscaler.data.aws_caller_identity.current: Refreshing state... | |
| module.cluster_autoscaler.data.aws_region.current: Refreshing state... | |
| module.efs_provisioner.data.aws_caller_identity.current[0]: Refreshing state... | |
| module.cluster_autoscaler.data.aws_iam_policy_document.cluster_autoscaler[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_iam_policy_document.aws_alb_ingress_controller[0]: Refreshing state... | |
| module.cluster_autoscaler.data.aws_iam_policy_document.cluster_autoscaler_pod_role[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_iam_policy_document.aws_alb_ingress_controller_pod_role[0]: Refreshing state... | |
| module.efs_provisioner.data.aws_iam_policy_document.efs_kms_key[0]: Refreshing state... | |
| module.efs_provisioner.aws_kms_key.efs[0]: Refreshing state... [id=62c47755-b130-47d8-8884-650eb71608a8] | |
| module.kube2iam.data.template_file.kube2iam_values[0]: Refreshing state... | |
| data.aws_eks_cluster_auth.this: Refreshing state... | |
| module.efs_provisioner.aws_iam_role_policy_attachment.amazon_elastic_file_system_read_only_access[0]: Refreshing state... [id=eks-example-default-20190822012419135600000003-20190822020948722100000007] | |
| module.efs_provisioner.data.aws_subnet_ids.subnet_ids[0]: Refreshing state... | |
| module.cluster_autoscaler.aws_iam_role.cluster_autoscaler_pod_role[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947624500000005] | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947622100000002] | |
| module.aws_alb_ingress_controller.aws_iam_policy.aws_alb_ingress_controller[0]: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947624200000004] | |
| module.efs_provisioner.aws_security_group.efs[0]: Refreshing state... [id=sg-0f5344cf4337a0269] | |
| module.cluster_autoscaler.aws_iam_policy.cluster_autoscaler[0]: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947620100000001] | |
| module.kube2iam.helm_release.kube2iam[0]: Refreshing state... [id=kube2iam] | |
| module.eks_kubernetes_dashboard.helm_release.kubernetes_dashboard[0]: Refreshing state... [id=kubernetes-dashboard] | |
| module.aws_alb_ingress_controller.data.helm_repository.incubator[0]: Refreshing state... | |
| module.efs_provisioner.aws_efs_file_system.this[0]: Refreshing state... [id=fs-5efeb2f5] | |
| module.cluster_autoscaler.data.template_file.cluster_autoscaler_values[0]: Refreshing state... | |
| module.cluster_autoscaler.helm_release.cluster_autoscaler[0]: Refreshing state... [id=cluster-autoscaler] | |
| module.aws_alb_ingress_controller.data.template_file.aws_alb_ingress_controller_values[0]: Refreshing state... | |
| module.kube2iam.data.aws_iam_policy_document.kube2iam: Refreshing state... | |
| module.kube2iam.aws_iam_policy.kube2iam: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947622100000002-20190822020951176200000009] | |
| module.cluster_autoscaler.aws_iam_role_policy_attachment.cluster_autoscaler_pod[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947624500000005-20190822020951170700000008] | |
| module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0]: Refreshing state... [id=aws-alb-ingress-controller] | |
| module.kube2iam.aws_iam_role_policy_attachment.kube2iam[0]: Refreshing state... [id=eks-example-default-20190822012419135600000003-2019082202095117960000000a] | |
| module.efs_provisioner.aws_efs_mount_target.this[1]: Refreshing state... [id=fsmt-1540f2bd] | |
| module.efs_provisioner.aws_efs_mount_target.this[2]: Refreshing state... [id=fsmt-1040f2b8] | |
| module.efs_provisioner.aws_efs_mount_target.this[0]: Refreshing state... [id=fsmt-1340f2bb] | |
| module.efs_provisioner.data.template_file.efs_provisioner_values[0]: Refreshing state... | |
| module.efs_provisioner.helm_release.efs_provisioner[0]: Refreshing state... [id=efs-provisioner] | |
| ------------------------------------------------------------------------ | |
| An execution plan has been generated and is shown below. | |
| Resource actions are indicated with the following symbols: | |
| ~ update in-place | |
| -/+ destroy and then create replacement | |
| Terraform will perform the following actions: | |
| # module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0] must be replaced | |
| -/+ resource "aws_iam_role" "aws_alb_ingress_controller_pod_role" { | |
| ~ arn = "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) | |
| ~ assume_role_policy = jsonencode( | |
| ~ { | |
| ~ Statement = [ | |
| ~ { | |
| Action = "sts:AssumeRole" | |
| Effect = "Allow" | |
| ~ Principal = { | |
| ~ AWS = "arn:aws:iam::xxxxxxxxxxxx:root" -> "xxxxxxxxxxxx" | |
| } | |
| Sid = "" | |
| }, | |
| ] | |
| Version = "2012-10-17" | |
| } | |
| ) | |
| ~ create_date = "2019-08-22T02:09:48Z" -> (known after apply) | |
| force_detach_policies = false | |
| ~ id = "eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) | |
| max_session_duration = 3600 | |
| ~ name = "eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) | |
| ~ name_prefix = "eks-example-cluster-autoscaler-" -> "eks-example-alb-ingress-" # forces replacement | |
| path = "/" | |
| - tags = {} -> null | |
| ~ unique_id = "AROAQJRDXQGDVZGSZ5X75" -> (known after apply) | |
| } | |
| # module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0] must be replaced | |
| -/+ resource "aws_iam_role_policy_attachment" "aws_alb_ingress_controller_pod" { | |
| ~ id = "eks-example-cluster-autoscaler-20190822020947622100000002-20190822020951176200000009" -> (known after apply) | |
| policy_arn = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947624200000004" | |
| ~ role = "eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) # forces replacement | |
| } | |
| # module.kube2iam.aws_iam_policy.kube2iam will be updated in-place | |
| ~ resource "aws_iam_policy" "kube2iam" { | |
| arn = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003" | |
| id = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003" | |
| name = "eks-example-20190822020947623100000003" | |
| name_prefix = "eks-example-" | |
| path = "/" | |
| ~ policy = jsonencode( | |
| ~ { | |
| ~ Statement = [ | |
| ~ { | |
| Action = "sts:AssumeRole" | |
| Effect = "Allow" | |
| ~ Resource = "*" -> [ | |
| + "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947624500000005", | |
| + "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002", | |
| ] | |
| Sid = "" | |
| }, | |
| ] | |
| Version = "2012-10-17" | |
| } | |
| ) | |
| } | |
| Plan: 2 to add, 1 to change, 2 to destroy. | |
| ------------------------------------------------------------------------ | |
| Note: You didn't specify an "-out" parameter to save this plan, so Terraform | |
| can't guarantee that exactly these actions will be performed if | |
| "terraform apply" is subsequently run. | |
| Releasing state lock. This may take a few moments... | |
| eks-cookiecutter/eks-example/eks-cluster-setup on master [$!+?] using ☁️ devops-sandbox at ☸️ arn:aws:eks:us-west-2:xxxxxxxxxxxx:cluster/eks-example took 34s | |
| ➜ terraform apply --var-file=default.tfvars | |
| Acquiring state lock. This may take a few moments... | |
| module.eks_kubernetes_dashboard.data.template_file.kubernetes_dashboard_values[0]: Refreshing state... | |
| data.terraform_remote_state.eks_cluster: Refreshing state... | |
| module.cluster_autoscaler.data.aws_region.current: Refreshing state... | |
| module.efs_provisioner.data.aws_caller_identity.current[0]: Refreshing state... | |
| module.cluster_autoscaler.data.aws_caller_identity.current: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_caller_identity.current: Refreshing state... | |
| module.cluster_autoscaler.data.aws_iam_policy_document.cluster_autoscaler[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_iam_policy_document.aws_alb_ingress_controller[0]: Refreshing state... | |
| module.cluster_autoscaler.data.aws_iam_policy_document.cluster_autoscaler_pod_role[0]: Refreshing state... | |
| module.efs_provisioner.data.aws_iam_policy_document.efs_kms_key[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_iam_policy_document.aws_alb_ingress_controller_pod_role[0]: Refreshing state... | |
| module.efs_provisioner.aws_kms_key.efs[0]: Refreshing state... [id=62c47755-b130-47d8-8884-650eb71608a8] | |
| module.efs_provisioner.aws_iam_role_policy_attachment.amazon_elastic_file_system_read_only_access[0]: Refreshing state... [id=eks-example-default-20190822012419135600000003-20190822020948722100000007] | |
| data.aws_eks_cluster_auth.this: Refreshing state... | |
| module.kube2iam.data.template_file.kube2iam_values[0]: Refreshing state... | |
| module.cluster_autoscaler.aws_iam_role.cluster_autoscaler_pod_role[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947624500000005] | |
| module.efs_provisioner.aws_security_group.efs[0]: Refreshing state... [id=sg-0f5344cf4337a0269] | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947622100000002] | |
| module.cluster_autoscaler.aws_iam_policy.cluster_autoscaler[0]: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947620100000001] | |
| module.efs_provisioner.data.aws_subnet_ids.subnet_ids[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.aws_iam_policy.aws_alb_ingress_controller[0]: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947624200000004] | |
| module.efs_provisioner.aws_efs_file_system.this[0]: Refreshing state... [id=fs-5efeb2f5] | |
| module.aws_alb_ingress_controller.data.helm_repository.incubator[0]: Refreshing state... | |
| module.kube2iam.helm_release.kube2iam[0]: Refreshing state... [id=kube2iam] | |
| module.eks_kubernetes_dashboard.helm_release.kubernetes_dashboard[0]: Refreshing state... [id=kubernetes-dashboard] | |
| module.cluster_autoscaler.data.template_file.cluster_autoscaler_values[0]: Refreshing state... | |
| module.cluster_autoscaler.helm_release.cluster_autoscaler[0]: Refreshing state... [id=cluster-autoscaler] | |
| module.aws_alb_ingress_controller.data.template_file.aws_alb_ingress_controller_values[0]: Refreshing state... | |
| module.kube2iam.data.aws_iam_policy_document.kube2iam: Refreshing state... | |
| module.kube2iam.aws_iam_policy.kube2iam: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0]: Refreshing state... [id=aws-alb-ingress-controller] | |
| module.cluster_autoscaler.aws_iam_role_policy_attachment.cluster_autoscaler_pod[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947624500000005-20190822020951170700000008] | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947622100000002-20190822020951176200000009] | |
| module.efs_provisioner.aws_efs_mount_target.this[0]: Refreshing state... [id=fsmt-1340f2bb] | |
| module.efs_provisioner.aws_efs_mount_target.this[2]: Refreshing state... [id=fsmt-1040f2b8] | |
| module.efs_provisioner.aws_efs_mount_target.this[1]: Refreshing state... [id=fsmt-1540f2bd] | |
| module.efs_provisioner.data.template_file.efs_provisioner_values[0]: Refreshing state... | |
| module.efs_provisioner.helm_release.efs_provisioner[0]: Refreshing state... [id=efs-provisioner] | |
| module.kube2iam.aws_iam_role_policy_attachment.kube2iam[0]: Refreshing state... [id=eks-example-default-20190822012419135600000003-2019082202095117960000000a] | |
| An execution plan has been generated and is shown below. | |
| Resource actions are indicated with the following symbols: | |
| ~ update in-place | |
| -/+ destroy and then create replacement | |
| Terraform will perform the following actions: | |
| # module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0] must be replaced | |
| -/+ resource "aws_iam_role" "aws_alb_ingress_controller_pod_role" { | |
| ~ arn = "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) | |
| ~ assume_role_policy = jsonencode( | |
| ~ { | |
| ~ Statement = [ | |
| ~ { | |
| Action = "sts:AssumeRole" | |
| Effect = "Allow" | |
| ~ Principal = { | |
| ~ AWS = "arn:aws:iam::xxxxxxxxxxxx:root" -> "xxxxxxxxxxxx" | |
| } | |
| Sid = "" | |
| }, | |
| ] | |
| Version = "2012-10-17" | |
| } | |
| ) | |
| ~ create_date = "2019-08-22T02:09:48Z" -> (known after apply) | |
| force_detach_policies = false | |
| ~ id = "eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) | |
| max_session_duration = 3600 | |
| ~ name = "eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) | |
| ~ name_prefix = "eks-example-cluster-autoscaler-" -> "eks-example-alb-ingress-" # forces replacement | |
| path = "/" | |
| - tags = {} -> null | |
| ~ unique_id = "AROAQJRDXQGDVZGSZ5X75" -> (known after apply) | |
| } | |
| # module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0] must be replaced | |
| -/+ resource "aws_iam_role_policy_attachment" "aws_alb_ingress_controller_pod" { | |
| ~ id = "eks-example-cluster-autoscaler-20190822020947622100000002-20190822020951176200000009" -> (known after apply) | |
| policy_arn = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947624200000004" | |
| ~ role = "eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) # forces replacement | |
| } | |
| # module.kube2iam.aws_iam_policy.kube2iam will be updated in-place | |
| ~ resource "aws_iam_policy" "kube2iam" { | |
| arn = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003" | |
| id = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003" | |
| name = "eks-example-20190822020947623100000003" | |
| name_prefix = "eks-example-" | |
| path = "/" | |
| ~ policy = jsonencode( | |
| ~ { | |
| ~ Statement = [ | |
| ~ { | |
| Action = "sts:AssumeRole" | |
| Effect = "Allow" | |
| ~ Resource = "*" -> [ | |
| + "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947624500000005", | |
| + "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002", | |
| ] | |
| Sid = "" | |
| }, | |
| ] | |
| Version = "2012-10-17" | |
| } | |
| ) | |
| } | |
| Plan: 2 to add, 1 to change, 2 to destroy. | |
| Do you want to perform these actions? | |
| Terraform will perform the actions described above. | |
| Only 'yes' will be accepted to approve. | |
| Enter a value: yes | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Destroying... [id=eks-example-cluster-autoscaler-20190822020947622100000002-20190822020951176200000009] | |
| module.kube2iam.aws_iam_policy.kube2iam: Modifying... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Destruction complete after 2s | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Destroying... [id=eks-example-cluster-autoscaler-20190822020947622100000002] | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Destruction complete after 1s | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Creating... | |
| module.kube2iam.aws_iam_policy.kube2iam: Modifications complete after 4s [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Creation complete after 2s [id=eks-example-alb-ingress-20190822022643213600000001] | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Creating... | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Creation complete after 2s [id=eks-example-alb-ingress-20190822022643213600000001-20190822022645979300000002] | |
| Apply complete! Resources: 2 added, 1 changed, 2 destroyed. | |
| Releasing state lock. This may take a few moments... | |
| eks-cookiecutter/eks-example/eks-cluster-setup on master [$!+?] using ☁️ devops-sandbox at ☸️ arn:aws:eks:us-west-2:xxxxxxxxxxxx:cluster/eks-example took 1m 43s | |
| ➜ terraform apply --var-file=default.tfvars | |
| Acquiring state lock. This may take a few moments... | |
| module.eks_kubernetes_dashboard.data.template_file.kubernetes_dashboard_values[0]: Refreshing state... | |
| data.terraform_remote_state.eks_cluster: Refreshing state... | |
| module.efs_provisioner.data.aws_caller_identity.current[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_caller_identity.current: Refreshing state... | |
| module.cluster_autoscaler.data.aws_caller_identity.current: Refreshing state... | |
| module.cluster_autoscaler.data.aws_region.current: Refreshing state... | |
| module.cluster_autoscaler.data.aws_iam_policy_document.cluster_autoscaler[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_iam_policy_document.aws_alb_ingress_controller[0]: Refreshing state... | |
| module.efs_provisioner.data.aws_iam_policy_document.efs_kms_key[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_iam_policy_document.aws_alb_ingress_controller_pod_role[0]: Refreshing state... | |
| module.cluster_autoscaler.data.aws_iam_policy_document.cluster_autoscaler_pod_role[0]: Refreshing state... | |
| module.efs_provisioner.aws_kms_key.efs[0]: Refreshing state... [id=62c47755-b130-47d8-8884-650eb71608a8] | |
| data.aws_eks_cluster_auth.this: Refreshing state... | |
| module.aws_alb_ingress_controller.aws_iam_policy.aws_alb_ingress_controller[0]: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947624200000004] | |
| module.cluster_autoscaler.aws_iam_policy.cluster_autoscaler[0]: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947620100000001] | |
| module.kube2iam.data.template_file.kube2iam_values[0]: Refreshing state... | |
| module.cluster_autoscaler.aws_iam_role.cluster_autoscaler_pod_role[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947624500000005] | |
| module.efs_provisioner.aws_iam_role_policy_attachment.amazon_elastic_file_system_read_only_access[0]: Refreshing state... [id=eks-example-default-20190822012419135600000003-20190822020948722100000007] | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Refreshing state... [id=eks-example-alb-ingress-20190822022643213600000001] | |
| module.efs_provisioner.aws_security_group.efs[0]: Refreshing state... [id=sg-0f5344cf4337a0269] | |
| module.efs_provisioner.data.aws_subnet_ids.subnet_ids[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.helm_repository.incubator[0]: Refreshing state... | |
| module.eks_kubernetes_dashboard.helm_release.kubernetes_dashboard[0]: Refreshing state... [id=kubernetes-dashboard] | |
| module.kube2iam.helm_release.kube2iam[0]: Refreshing state... [id=kube2iam] | |
| module.efs_provisioner.aws_efs_file_system.this[0]: Refreshing state... [id=fs-5efeb2f5] | |
| module.aws_alb_ingress_controller.data.template_file.aws_alb_ingress_controller_values[0]: Refreshing state... | |
| module.cluster_autoscaler.data.template_file.cluster_autoscaler_values[0]: Refreshing state... | |
| module.kube2iam.data.aws_iam_policy_document.kube2iam: Refreshing state... | |
| module.kube2iam.aws_iam_policy.kube2iam: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.cluster_autoscaler.helm_release.cluster_autoscaler[0]: Refreshing state... [id=cluster-autoscaler] | |
| module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0]: Refreshing state... [id=aws-alb-ingress-controller] | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Refreshing state... [id=eks-example-alb-ingress-20190822022643213600000001-20190822022645979300000002] | |
| module.cluster_autoscaler.aws_iam_role_policy_attachment.cluster_autoscaler_pod[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947624500000005-20190822020951170700000008] | |
| module.efs_provisioner.aws_efs_mount_target.this[1]: Refreshing state... [id=fsmt-1540f2bd] | |
| module.efs_provisioner.aws_efs_mount_target.this[0]: Refreshing state... [id=fsmt-1340f2bb] | |
| module.efs_provisioner.aws_efs_mount_target.this[2]: Refreshing state... [id=fsmt-1040f2b8] | |
| module.efs_provisioner.data.template_file.efs_provisioner_values[0]: Refreshing state... | |
| module.kube2iam.aws_iam_role_policy_attachment.kube2iam[0]: Refreshing state... [id=eks-example-default-20190822012419135600000003-2019082202095117960000000a] | |
| module.efs_provisioner.helm_release.efs_provisioner[0]: Refreshing state... [id=efs-provisioner] | |
| An execution plan has been generated and is shown below. | |
| Resource actions are indicated with the following symbols: | |
| ~ update in-place | |
| Terraform will perform the following actions: | |
| # module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0] will be updated in-place | |
| ~ resource "helm_release" "aws_alb_ingress_controller" { | |
| chart = "incubator/aws-alb-ingress-controller" | |
| disable_webhooks = false | |
| force_update = false | |
| id = "aws-alb-ingress-controller" | |
| metadata = [ | |
| { | |
| chart = "aws-alb-ingress-controller" | |
| name = "aws-alb-ingress-controller" | |
| namespace = "kube-system" | |
| revision = 1 | |
| values = "affinity: {}\nautoDiscoverAwsRegion: true\nautoDiscoverAwsVpcID: true\nawsRegion: \"\"\nawsVpcID: vpc-xxx\nclusterName: eks-example\nenableLivenessProbe: false\nenableReadinessProbe: false\nextraArgs: {}\nextraEnv: {}\nfullnameOverride: \"\"\nimage:\n pullPolicy: IfNotPresent\n repository: docker.io/amazon/aws-alb-ingress-controller\n tag: v1.1.2\nlivenessProbeInitialDelay: 30\nnameOverride: \"\"\nnodeSelector: {}\npodAnnotations:\n iam.amazonaws.com/role: arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002\npodLabels: {}\nrbac:\n create: true\n serviceAccountName: default\nreadinessProbeInitialDelay: 30\nreadinessProbeInterval: 60\nreadinessProbeTimeout: 3\nreplicaCount: 1\nresources: {}\nscope:\n ingressClass: alb\n singleNamespace: false\n watchNamespace: \"\"\ntolerations: []\n" | |
| version = "0.1.10" | |
| }, | |
| ] | |
| name = "aws-alb-ingress-controller" | |
| namespace = "kube-system" | |
| recreate_pods = false | |
| repository = "incubator" | |
| reuse = false | |
| reuse_values = false | |
| status = "DEPLOYED" | |
| timeout = 300 | |
| ~ values = [ | |
| - "## Resources created by the ALB Ingress controller will be prefixed with this string\n## Required\nclusterName: eks-example\n\n## AWS region of k8s cluster, required if ec2metadata is unavailable from controller pod\n## Required if autoDiscoverAwsRegion != true\nawsRegion: \"\"\n\n## Auto Discover awsRegion from ec2metadata, set this to true and omit awsRegion when ec2metadata is available.\nautoDiscoverAwsRegion: true\n\n## VPC ID of k8s cluster, required if ec2metadata is unavailable from controller pod\n## Required if autoDiscoverAwsVpcID != true\nawsVpcID: \"vpc-xxx\"\n\n## Auto Discover awsVpcID from ec2metadata, set this to true and omit awsVpcID: \" when ec2metadata is available.\nautoDiscoverAwsVpcID: true\n\nscope:\n ## If provided, the ALB ingress controller will only act on Ingress resources annotated with this class\n ## Ref: https://github.com/kubernetes-sigs/aws-alb-ingress-controller/blob/master/docs/guide/controller/config.md#limiting-ingress-class\n ingressClass: alb\n\n ## If true, the ALB ingress controller will only act on Ingress resources in a single namespace\n ## Default: false; watch all namespaces\n singleNamespace: false\n\n ## If scope.singleNamespace=true, the ALB ingress controller will only act on Ingress resources in this namespace\n ## Ref: https://github.com/kubernetes-sigs/aws-alb-ingress-controller/blob/master/docs/guide/controller/config.md#limiting-namespaces\n ## Default: namespace of the ALB ingress controller\n watchNamespace: \"\"\n\nextraArgs: {}\n\nextraEnv: {}\n # AWS_ACCESS_KEY_ID: \"\"\n # AWS_SECRET_ACCESS_KEY: \"\"\n\npodAnnotations:\n iam.amazonaws.com/role: arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002\n\npodLabels: {}\n\n# whether configure readinessProbe on controller pod\nenableReadinessProbe: false\n\n# How often (in seconds) to check controller readiness\nreadinessProbeInterval: 60\n\n# How long to wait before timeout (in seconds) when checking controller readiness\nreadinessProbeTimeout: 3\n\n# How long to wait (in seconds) before checking the readiness probe\nreadinessProbeInitialDelay: 30\n\n# whether configure livenessProbe on controller pod\nenableLivenessProbe: false\n\n# How long to wait (in seconds) before checking the liveness probe\nlivenessProbeInitialDelay: 30\n\nrbac:\n ## If true, create & use RBAC resources\n ##\n create: true\n serviceAccountName: default\n\nimage:\n repository: docker.io/amazon/aws-alb-ingress-controller\n tag: \"v1.1.2\"\n pullPolicy: IfNotPresent\n\nreplicaCount: 1\nnameOverride: \"\"\nfullnameOverride: \"\"\n\nresources: {}\n # We usually recommend not to specify default resources and to leave this as a conscious\n # choice for the user. This also increases chances charts run on environments with little\n # resources, such as Minikube. If you do want to specify resources, uncomment the following\n # lines, adjust them as necessary, and remove the curly braces after 'resources:'.\n # limits:\n # cpu: 100m\n # memory: 128Mi\n # requests:\n # cpu: 100m\n # memory: 128Mi\n\nnodeSelector: {}\n # node-role.kubernetes.io/node: \"true\"\n # tier: cs\n\ntolerations: []\n # - key: \"node-role.kubernetes.io/master\"\n # effect: NoSchedule\n\naffinity: {}\n", | |
| + "## Resources created by the ALB Ingress controller will be prefixed with this string\n## Required\nclusterName: eks-example\n\n## AWS region of k8s cluster, required if ec2metadata is unavailable from controller pod\n## Required if autoDiscoverAwsRegion != true\nawsRegion: \"\"\n\n## Auto Discover awsRegion from ec2metadata, set this to true and omit awsRegion when ec2metadata is available.\nautoDiscoverAwsRegion: true\n\n## VPC ID of k8s cluster, required if ec2metadata is unavailable from controller pod\n## Required if autoDiscoverAwsVpcID != true\nawsVpcID: \"vpc-xxx\"\n\n## Auto Discover awsVpcID from ec2metadata, set this to true and omit awsVpcID: \" when ec2metadata is available.\nautoDiscoverAwsVpcID: true\n\nscope:\n ## If provided, the ALB ingress controller will only act on Ingress resources annotated with this class\n ## Ref: https://github.com/kubernetes-sigs/aws-alb-ingress-controller/blob/master/docs/guide/controller/config.md#limiting-ingress-class\n ingressClass: alb\n\n ## If true, the ALB ingress controller will only act on Ingress resources in a single namespace\n ## Default: false; watch all namespaces\n singleNamespace: false\n\n ## If scope.singleNamespace=true, the ALB ingress controller will only act on Ingress resources in this namespace\n ## Ref: https://github.com/kubernetes-sigs/aws-alb-ingress-controller/blob/master/docs/guide/controller/config.md#limiting-namespaces\n ## Default: namespace of the ALB ingress controller\n watchNamespace: \"\"\n\nextraArgs: {}\n\nextraEnv: {}\n # AWS_ACCESS_KEY_ID: \"\"\n # AWS_SECRET_ACCESS_KEY: \"\"\n\npodAnnotations:\n iam.amazonaws.com/role: arn:aws:iam::xxxxxxxxxxxx:role/eks-example-alb-ingress-20190822022643213600000001\n\npodLabels: {}\n\n# whether configure readinessProbe on controller pod\nenableReadinessProbe: false\n\n# How often (in seconds) to check controller readiness\nreadinessProbeInterval: 60\n\n# How long to wait before timeout (in seconds) when checking controller readiness\nreadinessProbeTimeout: 3\n\n# How long to wait (in seconds) before checking the readiness probe\nreadinessProbeInitialDelay: 30\n\n# whether configure livenessProbe on controller pod\nenableLivenessProbe: false\n\n# How long to wait (in seconds) before checking the liveness probe\nlivenessProbeInitialDelay: 30\n\nrbac:\n ## If true, create & use RBAC resources\n ##\n create: true\n serviceAccountName: default\n\nimage:\n repository: docker.io/amazon/aws-alb-ingress-controller\n tag: \"v1.1.2\"\n pullPolicy: IfNotPresent\n\nreplicaCount: 1\nnameOverride: \"\"\nfullnameOverride: \"\"\n\nresources: {}\n # We usually recommend not to specify default resources and to leave this as a conscious\n # choice for the user. This also increases chances charts run on environments with little\n # resources, such as Minikube. If you do want to specify resources, uncomment the following\n # lines, adjust them as necessary, and remove the curly braces after 'resources:'.\n # limits:\n # cpu: 100m\n # memory: 128Mi\n # requests:\n # cpu: 100m\n # memory: 128Mi\n\nnodeSelector: {}\n # node-role.kubernetes.io/node: \"true\"\n # tier: cs\n\ntolerations: []\n # - key: \"node-role.kubernetes.io/master\"\n # effect: NoSchedule\n\naffinity: {}\n", | |
| ] | |
| verify = false | |
| version = "0.1.10" | |
| wait = true | |
| } | |
| # module.kube2iam.aws_iam_policy.kube2iam will be updated in-place | |
| ~ resource "aws_iam_policy" "kube2iam" { | |
| arn = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003" | |
| id = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003" | |
| name = "eks-example-20190822020947623100000003" | |
| name_prefix = "eks-example-" | |
| path = "/" | |
| ~ policy = jsonencode( | |
| ~ { | |
| ~ Statement = [ | |
| ~ { | |
| Action = "sts:AssumeRole" | |
| Effect = "Allow" | |
| ~ Resource = [ | |
| "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947624500000005", | |
| - "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002", | |
| + "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-alb-ingress-20190822022643213600000001", | |
| ] | |
| Sid = "" | |
| }, | |
| ] | |
| Version = "2012-10-17" | |
| } | |
| ) | |
| } | |
| Plan: 0 to add, 2 to change, 0 to destroy. | |
| Do you want to perform these actions? | |
| Terraform will perform the actions described above. | |
| Only 'yes' will be accepted to approve. | |
| Enter a value: yes | |
| module.kube2iam.aws_iam_policy.kube2iam: Modifying... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0]: Modifying... [id=aws-alb-ingress-controller] | |
| module.kube2iam.aws_iam_policy.kube2iam: Modifications complete after 4s [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0]: Still modifying... [id=aws-alb-ingress-controller, 10s elapsed] | |
| module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0]: Modifications complete after 12s [id=aws-alb-ingress-controller] | |
| Apply complete! Resources: 0 added, 2 changed, 0 destroyed. | |
| Releasing state lock. This may take a few moments...eks-cookiecutter/eks-example/eks-cluster-setup on master [$!+?] using ☁️ devops-sandbox at ☸️ arn:aws:eks:us-west-2:xxxxxxxxxxxx:cluster/eks-example took 28s | |
| ➜ terraform plan --var-file=default.tfvars | |
| Acquiring state lock. This may take a few moments... | |
| Refreshing Terraform state in-memory prior to plan... | |
| The refreshed state will be used to calculate this plan, but will not be | |
| persisted to local or remote state storage. | |
| module.eks_kubernetes_dashboard.data.template_file.kubernetes_dashboard_values[0]: Refreshing state... | |
| data.terraform_remote_state.eks_cluster: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_caller_identity.current: Refreshing state... | |
| module.cluster_autoscaler.data.aws_caller_identity.current: Refreshing state... | |
| module.cluster_autoscaler.data.aws_region.current: Refreshing state... | |
| module.efs_provisioner.data.aws_caller_identity.current[0]: Refreshing state... | |
| module.cluster_autoscaler.data.aws_iam_policy_document.cluster_autoscaler[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_iam_policy_document.aws_alb_ingress_controller[0]: Refreshing state... | |
| module.cluster_autoscaler.data.aws_iam_policy_document.cluster_autoscaler_pod_role[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_iam_policy_document.aws_alb_ingress_controller_pod_role[0]: Refreshing state... | |
| module.efs_provisioner.data.aws_iam_policy_document.efs_kms_key[0]: Refreshing state... | |
| module.efs_provisioner.aws_kms_key.efs[0]: Refreshing state... [id=62c47755-b130-47d8-8884-650eb71608a8] | |
| module.kube2iam.data.template_file.kube2iam_values[0]: Refreshing state... | |
| data.aws_eks_cluster_auth.this: Refreshing state... | |
| module.efs_provisioner.aws_iam_role_policy_attachment.amazon_elastic_file_system_read_only_access[0]: Refreshing state... [id=eks-example-default-20190822012419135600000003-20190822020948722100000007] | |
| module.efs_provisioner.data.aws_subnet_ids.subnet_ids[0]: Refreshing state... | |
| module.cluster_autoscaler.aws_iam_role.cluster_autoscaler_pod_role[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947624500000005] | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947622100000002] | |
| module.aws_alb_ingress_controller.aws_iam_policy.aws_alb_ingress_controller[0]: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947624200000004] | |
| module.efs_provisioner.aws_security_group.efs[0]: Refreshing state... [id=sg-0f5344cf4337a0269] | |
| module.cluster_autoscaler.aws_iam_policy.cluster_autoscaler[0]: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947620100000001] | |
| module.kube2iam.helm_release.kube2iam[0]: Refreshing state... [id=kube2iam] | |
| module.eks_kubernetes_dashboard.helm_release.kubernetes_dashboard[0]: Refreshing state... [id=kubernetes-dashboard] | |
| module.aws_alb_ingress_controller.data.helm_repository.incubator[0]: Refreshing state... | |
| module.efs_provisioner.aws_efs_file_system.this[0]: Refreshing state... [id=fs-5efeb2f5] | |
| module.cluster_autoscaler.data.template_file.cluster_autoscaler_values[0]: Refreshing state... | |
| module.cluster_autoscaler.helm_release.cluster_autoscaler[0]: Refreshing state... [id=cluster-autoscaler] | |
| module.aws_alb_ingress_controller.data.template_file.aws_alb_ingress_controller_values[0]: Refreshing state... | |
| module.kube2iam.data.aws_iam_policy_document.kube2iam: Refreshing state... | |
| module.kube2iam.aws_iam_policy.kube2iam: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947622100000002-20190822020951176200000009] | |
| module.cluster_autoscaler.aws_iam_role_policy_attachment.cluster_autoscaler_pod[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947624500000005-20190822020951170700000008] | |
| module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0]: Refreshing state... [id=aws-alb-ingress-controller] | |
| module.kube2iam.aws_iam_role_policy_attachment.kube2iam[0]: Refreshing state... [id=eks-example-default-20190822012419135600000003-2019082202095117960000000a] | |
| module.efs_provisioner.aws_efs_mount_target.this[1]: Refreshing state... [id=fsmt-1540f2bd] | |
| module.efs_provisioner.aws_efs_mount_target.this[2]: Refreshing state... [id=fsmt-1040f2b8] | |
| module.efs_provisioner.aws_efs_mount_target.this[0]: Refreshing state... [id=fsmt-1340f2bb] | |
| module.efs_provisioner.data.template_file.efs_provisioner_values[0]: Refreshing state... | |
| module.efs_provisioner.helm_release.efs_provisioner[0]: Refreshing state... [id=efs-provisioner] | |
| ------------------------------------------------------------------------ | |
| An execution plan has been generated and is shown below. | |
| Resource actions are indicated with the following symbols: | |
| ~ update in-place | |
| -/+ destroy and then create replacement | |
| Terraform will perform the following actions: | |
| # module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0] must be replaced | |
| -/+ resource "aws_iam_role" "aws_alb_ingress_controller_pod_role" { | |
| ~ arn = "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) | |
| ~ assume_role_policy = jsonencode( | |
| ~ { | |
| ~ Statement = [ | |
| ~ { | |
| Action = "sts:AssumeRole" | |
| Effect = "Allow" | |
| ~ Principal = { | |
| ~ AWS = "arn:aws:iam::xxxxxxxxxxxx:root" -> "xxxxxxxxxxxx" | |
| } | |
| Sid = "" | |
| }, | |
| ] | |
| Version = "2012-10-17" | |
| } | |
| ) | |
| ~ create_date = "2019-08-22T02:09:48Z" -> (known after apply) | |
| force_detach_policies = false | |
| ~ id = "eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) | |
| max_session_duration = 3600 | |
| ~ name = "eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) | |
| ~ name_prefix = "eks-example-cluster-autoscaler-" -> "eks-example-alb-ingress-" # forces replacement | |
| path = "/" | |
| - tags = {} -> null | |
| ~ unique_id = "AROAQJRDXQGDVZGSZ5X75" -> (known after apply) | |
| } | |
| # module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0] must be replaced | |
| -/+ resource "aws_iam_role_policy_attachment" "aws_alb_ingress_controller_pod" { | |
| ~ id = "eks-example-cluster-autoscaler-20190822020947622100000002-20190822020951176200000009" -> (known after apply) | |
| policy_arn = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947624200000004" | |
| ~ role = "eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) # forces replacement | |
| } | |
| # module.kube2iam.aws_iam_policy.kube2iam will be updated in-place | |
| ~ resource "aws_iam_policy" "kube2iam" { | |
| arn = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003" | |
| id = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003" | |
| name = "eks-example-20190822020947623100000003" | |
| name_prefix = "eks-example-" | |
| path = "/" | |
| ~ policy = jsonencode( | |
| ~ { | |
| ~ Statement = [ | |
| ~ { | |
| Action = "sts:AssumeRole" | |
| Effect = "Allow" | |
| ~ Resource = "*" -> [ | |
| + "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947624500000005", | |
| + "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002", | |
| ] | |
| Sid = "" | |
| }, | |
| ] | |
| Version = "2012-10-17" | |
| } | |
| ) | |
| } | |
| Plan: 2 to add, 1 to change, 2 to destroy. | |
| ------------------------------------------------------------------------ | |
| Note: You didn't specify an "-out" parameter to save this plan, so Terraform | |
| can't guarantee that exactly these actions will be performed if | |
| "terraform apply" is subsequently run. | |
| Releasing state lock. This may take a few moments... | |
| eks-cookiecutter/eks-example/eks-cluster-setup on master [$!+?] using ☁️ devops-sandbox at ☸️ arn:aws:eks:us-west-2:xxxxxxxxxxxx:cluster/eks-example took 34s | |
| ➜ terraform apply --var-file=default.tfvars | |
| Acquiring state lock. This may take a few moments... | |
| module.eks_kubernetes_dashboard.data.template_file.kubernetes_dashboard_values[0]: Refreshing state... | |
| data.terraform_remote_state.eks_cluster: Refreshing state... | |
| module.cluster_autoscaler.data.aws_region.current: Refreshing state... | |
| module.efs_provisioner.data.aws_caller_identity.current[0]: Refreshing state... | |
| module.cluster_autoscaler.data.aws_caller_identity.current: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_caller_identity.current: Refreshing state... | |
| module.cluster_autoscaler.data.aws_iam_policy_document.cluster_autoscaler[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_iam_policy_document.aws_alb_ingress_controller[0]: Refreshing state... | |
| module.cluster_autoscaler.data.aws_iam_policy_document.cluster_autoscaler_pod_role[0]: Refreshing state... | |
| module.efs_provisioner.data.aws_iam_policy_document.efs_kms_key[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_iam_policy_document.aws_alb_ingress_controller_pod_role[0]: Refreshing state... | |
| module.efs_provisioner.aws_kms_key.efs[0]: Refreshing state... [id=62c47755-b130-47d8-8884-650eb71608a8] | |
| module.efs_provisioner.aws_iam_role_policy_attachment.amazon_elastic_file_system_read_only_access[0]: Refreshing state... [id=eks-example-default-20190822012419135600000003-20190822020948722100000007] | |
| data.aws_eks_cluster_auth.this: Refreshing state... | |
| module.kube2iam.data.template_file.kube2iam_values[0]: Refreshing state... | |
| module.cluster_autoscaler.aws_iam_role.cluster_autoscaler_pod_role[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947624500000005] | |
| module.efs_provisioner.aws_security_group.efs[0]: Refreshing state... [id=sg-0f5344cf4337a0269] | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947622100000002] | |
| module.cluster_autoscaler.aws_iam_policy.cluster_autoscaler[0]: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947620100000001] | |
| module.efs_provisioner.data.aws_subnet_ids.subnet_ids[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.aws_iam_policy.aws_alb_ingress_controller[0]: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947624200000004] | |
| module.efs_provisioner.aws_efs_file_system.this[0]: Refreshing state... [id=fs-5efeb2f5] | |
| module.aws_alb_ingress_controller.data.helm_repository.incubator[0]: Refreshing state... | |
| module.kube2iam.helm_release.kube2iam[0]: Refreshing state... [id=kube2iam] | |
| module.eks_kubernetes_dashboard.helm_release.kubernetes_dashboard[0]: Refreshing state... [id=kubernetes-dashboard] | |
| module.cluster_autoscaler.data.template_file.cluster_autoscaler_values[0]: Refreshing state... | |
| module.cluster_autoscaler.helm_release.cluster_autoscaler[0]: Refreshing state... [id=cluster-autoscaler] | |
| module.aws_alb_ingress_controller.data.template_file.aws_alb_ingress_controller_values[0]: Refreshing state... | |
| module.kube2iam.data.aws_iam_policy_document.kube2iam: Refreshing state... | |
| module.kube2iam.aws_iam_policy.kube2iam: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0]: Refreshing state... [id=aws-alb-ingress-controller] | |
| module.cluster_autoscaler.aws_iam_role_policy_attachment.cluster_autoscaler_pod[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947624500000005-20190822020951170700000008] | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947622100000002-20190822020951176200000009] | |
| module.efs_provisioner.aws_efs_mount_target.this[0]: Refreshing state... [id=fsmt-1340f2bb] | |
| module.efs_provisioner.aws_efs_mount_target.this[2]: Refreshing state... [id=fsmt-1040f2b8] | |
| module.efs_provisioner.aws_efs_mount_target.this[1]: Refreshing state... [id=fsmt-1540f2bd] | |
| module.efs_provisioner.data.template_file.efs_provisioner_values[0]: Refreshing state... | |
| module.efs_provisioner.helm_release.efs_provisioner[0]: Refreshing state... [id=efs-provisioner] | |
| module.kube2iam.aws_iam_role_policy_attachment.kube2iam[0]: Refreshing state... [id=eks-example-default-20190822012419135600000003-2019082202095117960000000a] | |
| An execution plan has been generated and is shown below. | |
| Resource actions are indicated with the following symbols: | |
| ~ update in-place | |
| -/+ destroy and then create replacement | |
| Terraform will perform the following actions: | |
| # module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0] must be replaced | |
| -/+ resource "aws_iam_role" "aws_alb_ingress_controller_pod_role" { | |
| ~ arn = "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) | |
| ~ assume_role_policy = jsonencode( | |
| ~ { | |
| ~ Statement = [ | |
| ~ { | |
| Action = "sts:AssumeRole" | |
| Effect = "Allow" | |
| ~ Principal = { | |
| ~ AWS = "arn:aws:iam::xxxxxxxxxxxx:root" -> "xxxxxxxxxxxx" | |
| } | |
| Sid = "" | |
| }, | |
| ] | |
| Version = "2012-10-17" | |
| } | |
| ) | |
| ~ create_date = "2019-08-22T02:09:48Z" -> (known after apply) | |
| force_detach_policies = false | |
| ~ id = "eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) | |
| max_session_duration = 3600 | |
| ~ name = "eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) | |
| ~ name_prefix = "eks-example-cluster-autoscaler-" -> "eks-example-alb-ingress-" # forces replacement | |
| path = "/" | |
| - tags = {} -> null | |
| ~ unique_id = "AROAQJRDXQGDVZGSZ5X75" -> (known after apply) | |
| } | |
| # module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0] must be replaced | |
| -/+ resource "aws_iam_role_policy_attachment" "aws_alb_ingress_controller_pod" { | |
| ~ id = "eks-example-cluster-autoscaler-20190822020947622100000002-20190822020951176200000009" -> (known after apply) | |
| policy_arn = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947624200000004" | |
| ~ role = "eks-example-cluster-autoscaler-20190822020947622100000002" -> (known after apply) # forces replacement | |
| } | |
| # module.kube2iam.aws_iam_policy.kube2iam will be updated in-place | |
| ~ resource "aws_iam_policy" "kube2iam" { | |
| arn = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003" | |
| id = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003" | |
| name = "eks-example-20190822020947623100000003" | |
| name_prefix = "eks-example-" | |
| path = "/" | |
| ~ policy = jsonencode( | |
| ~ { | |
| ~ Statement = [ | |
| ~ { | |
| Action = "sts:AssumeRole" | |
| Effect = "Allow" | |
| ~ Resource = "*" -> [ | |
| + "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947624500000005", | |
| + "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002", | |
| ] | |
| Sid = "" | |
| }, | |
| ] | |
| Version = "2012-10-17" | |
| } | |
| ) | |
| } | |
| Plan: 2 to add, 1 to change, 2 to destroy. | |
| Do you want to perform these actions? | |
| Terraform will perform the actions described above. | |
| Only 'yes' will be accepted to approve. | |
| Enter a value: yes | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Destroying... [id=eks-example-cluster-autoscaler-20190822020947622100000002-20190822020951176200000009] | |
| module.kube2iam.aws_iam_policy.kube2iam: Modifying... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Destruction complete after 2s | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Destroying... [id=eks-example-cluster-autoscaler-20190822020947622100000002] | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Destruction complete after 1s | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Creating... | |
| module.kube2iam.aws_iam_policy.kube2iam: Modifications complete after 4s [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Creation complete after 2s [id=eks-example-alb-ingress-20190822022643213600000001] | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Creating... | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Creation complete after 2s [id=eks-example-alb-ingress-20190822022643213600000001-20190822022645979300000002] | |
| Apply complete! Resources: 2 added, 1 changed, 2 destroyed. | |
| Releasing state lock. This may take a few moments... | |
| eks-cookiecutter/eks-example/eks-cluster-setup on master [$!+?] using ☁️ devops-sandbox at ☸️ arn:aws:eks:us-west-2:xxxxxxxxxxxx:cluster/eks-example took 1m 43s | |
| ➜ terraform apply --var-file=default.tfvars | |
| Acquiring state lock. This may take a few moments... | |
| module.eks_kubernetes_dashboard.data.template_file.kubernetes_dashboard_values[0]: Refreshing state... | |
| data.terraform_remote_state.eks_cluster: Refreshing state... | |
| module.efs_provisioner.data.aws_caller_identity.current[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_caller_identity.current: Refreshing state... | |
| module.cluster_autoscaler.data.aws_caller_identity.current: Refreshing state... | |
| module.cluster_autoscaler.data.aws_region.current: Refreshing state... | |
| module.cluster_autoscaler.data.aws_iam_policy_document.cluster_autoscaler[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_iam_policy_document.aws_alb_ingress_controller[0]: Refreshing state... | |
| module.efs_provisioner.data.aws_iam_policy_document.efs_kms_key[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.aws_iam_policy_document.aws_alb_ingress_controller_pod_role[0]: Refreshing state... | |
| module.cluster_autoscaler.data.aws_iam_policy_document.cluster_autoscaler_pod_role[0]: Refreshing state... | |
| module.efs_provisioner.aws_kms_key.efs[0]: Refreshing state... [id=62c47755-b130-47d8-8884-650eb71608a8] | |
| data.aws_eks_cluster_auth.this: Refreshing state... | |
| module.aws_alb_ingress_controller.aws_iam_policy.aws_alb_ingress_controller[0]: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947624200000004] | |
| module.cluster_autoscaler.aws_iam_policy.cluster_autoscaler[0]: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947620100000001] | |
| module.kube2iam.data.template_file.kube2iam_values[0]: Refreshing state... | |
| module.cluster_autoscaler.aws_iam_role.cluster_autoscaler_pod_role[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947624500000005] | |
| module.efs_provisioner.aws_iam_role_policy_attachment.amazon_elastic_file_system_read_only_access[0]: Refreshing state... [id=eks-example-default-20190822012419135600000003-20190822020948722100000007] | |
| module.aws_alb_ingress_controller.aws_iam_role.aws_alb_ingress_controller_pod_role[0]: Refreshing state... [id=eks-example-alb-ingress-20190822022643213600000001] | |
| module.efs_provisioner.aws_security_group.efs[0]: Refreshing state... [id=sg-0f5344cf4337a0269] | |
| module.efs_provisioner.data.aws_subnet_ids.subnet_ids[0]: Refreshing state... | |
| module.aws_alb_ingress_controller.data.helm_repository.incubator[0]: Refreshing state... | |
| module.eks_kubernetes_dashboard.helm_release.kubernetes_dashboard[0]: Refreshing state... [id=kubernetes-dashboard] | |
| module.kube2iam.helm_release.kube2iam[0]: Refreshing state... [id=kube2iam] | |
| module.efs_provisioner.aws_efs_file_system.this[0]: Refreshing state... [id=fs-5efeb2f5] | |
| module.aws_alb_ingress_controller.data.template_file.aws_alb_ingress_controller_values[0]: Refreshing state... | |
| module.cluster_autoscaler.data.template_file.cluster_autoscaler_values[0]: Refreshing state... | |
| module.kube2iam.data.aws_iam_policy_document.kube2iam: Refreshing state... | |
| module.kube2iam.aws_iam_policy.kube2iam: Refreshing state... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.cluster_autoscaler.helm_release.cluster_autoscaler[0]: Refreshing state... [id=cluster-autoscaler] | |
| module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0]: Refreshing state... [id=aws-alb-ingress-controller] | |
| module.aws_alb_ingress_controller.aws_iam_role_policy_attachment.aws_alb_ingress_controller_pod[0]: Refreshing state... [id=eks-example-alb-ingress-20190822022643213600000001-20190822022645979300000002] | |
| module.cluster_autoscaler.aws_iam_role_policy_attachment.cluster_autoscaler_pod[0]: Refreshing state... [id=eks-example-cluster-autoscaler-20190822020947624500000005-20190822020951170700000008] | |
| module.efs_provisioner.aws_efs_mount_target.this[1]: Refreshing state... [id=fsmt-1540f2bd] | |
| module.efs_provisioner.aws_efs_mount_target.this[0]: Refreshing state... [id=fsmt-1340f2bb] | |
| module.efs_provisioner.aws_efs_mount_target.this[2]: Refreshing state... [id=fsmt-1040f2b8] | |
| module.efs_provisioner.data.template_file.efs_provisioner_values[0]: Refreshing state... | |
| module.kube2iam.aws_iam_role_policy_attachment.kube2iam[0]: Refreshing state... [id=eks-example-default-20190822012419135600000003-2019082202095117960000000a] | |
| module.efs_provisioner.helm_release.efs_provisioner[0]: Refreshing state... [id=efs-provisioner] | |
| An execution plan has been generated and is shown below. | |
| Resource actions are indicated with the following symbols: | |
| ~ update in-place | |
| Terraform will perform the following actions: | |
| # module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0] will be updated in-place | |
| ~ resource "helm_release" "aws_alb_ingress_controller" { | |
| chart = "incubator/aws-alb-ingress-controller" | |
| disable_webhooks = false | |
| force_update = false | |
| id = "aws-alb-ingress-controller" | |
| metadata = [ | |
| { | |
| chart = "aws-alb-ingress-controller" | |
| name = "aws-alb-ingress-controller" | |
| namespace = "kube-system" | |
| revision = 1 | |
| values = "affinity: {}\nautoDiscoverAwsRegion: true\nautoDiscoverAwsVpcID: true\nawsRegion: \"\"\nawsVpcID: vpc-xxx\nclusterName: eks-example\nenableLivenessProbe: false\nenableReadinessProbe: false\nextraArgs: {}\nextraEnv: {}\nfullnameOverride: \"\"\nimage:\n pullPolicy: IfNotPresent\n repository: docker.io/amazon/aws-alb-ingress-controller\n tag: v1.1.2\nlivenessProbeInitialDelay: 30\nnameOverride: \"\"\nnodeSelector: {}\npodAnnotations:\n iam.amazonaws.com/role: arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002\npodLabels: {}\nrbac:\n create: true\n serviceAccountName: default\nreadinessProbeInitialDelay: 30\nreadinessProbeInterval: 60\nreadinessProbeTimeout: 3\nreplicaCount: 1\nresources: {}\nscope:\n ingressClass: alb\n singleNamespace: false\n watchNamespace: \"\"\ntolerations: []\n" | |
| version = "0.1.10" | |
| }, | |
| ] | |
| name = "aws-alb-ingress-controller" | |
| namespace = "kube-system" | |
| recreate_pods = false | |
| repository = "incubator" | |
| reuse = false | |
| reuse_values = false | |
| status = "DEPLOYED" | |
| timeout = 300 | |
| ~ values = [ | |
| - "## Resources created by the ALB Ingress controller will be prefixed with this string\n## Required\nclusterName: eks-example\n\n## AWS region of k8s cluster, required if ec2metadata is unavailable from controller pod\n## Required if autoDiscoverAwsRegion != true\nawsRegion: \"\"\n\n## Auto Discover awsRegion from ec2metadata, set this to true and omit awsRegion when ec2metadata is available.\nautoDiscoverAwsRegion: true\n\n## VPC ID of k8s cluster, required if ec2metadata is unavailable from controller pod\n## Required if autoDiscoverAwsVpcID != true\nawsVpcID: \"vpc-xxx\"\n\n## Auto Discover awsVpcID from ec2metadata, set this to true and omit awsVpcID: \" when ec2metadata is available.\nautoDiscoverAwsVpcID: true\n\nscope:\n ## If provided, the ALB ingress controller will only act on Ingress resources annotated with this class\n ## Ref: https://github.com/kubernetes-sigs/aws-alb-ingress-controller/blob/master/docs/guide/controller/config.md#limiting-ingress-class\n ingressClass: alb\n\n ## If true, the ALB ingress controller will only act on Ingress resources in a single namespace\n ## Default: false; watch all namespaces\n singleNamespace: false\n\n ## If scope.singleNamespace=true, the ALB ingress controller will only act on Ingress resources in this namespace\n ## Ref: https://github.com/kubernetes-sigs/aws-alb-ingress-controller/blob/master/docs/guide/controller/config.md#limiting-namespaces\n ## Default: namespace of the ALB ingress controller\n watchNamespace: \"\"\n\nextraArgs: {}\n\nextraEnv: {}\n # AWS_ACCESS_KEY_ID: \"\"\n # AWS_SECRET_ACCESS_KEY: \"\"\n\npodAnnotations:\n iam.amazonaws.com/role: arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002\n\npodLabels: {}\n\n# whether configure readinessProbe on controller pod\nenableReadinessProbe: false\n\n# How often (in seconds) to check controller readiness\nreadinessProbeInterval: 60\n\n# How long to wait before timeout (in seconds) when checking controller readiness\nreadinessProbeTimeout: 3\n\n# How long to wait (in seconds) before checking the readiness probe\nreadinessProbeInitialDelay: 30\n\n# whether configure livenessProbe on controller pod\nenableLivenessProbe: false\n\n# How long to wait (in seconds) before checking the liveness probe\nlivenessProbeInitialDelay: 30\n\nrbac:\n ## If true, create & use RBAC resources\n ##\n create: true\n serviceAccountName: default\n\nimage:\n repository: docker.io/amazon/aws-alb-ingress-controller\n tag: \"v1.1.2\"\n pullPolicy: IfNotPresent\n\nreplicaCount: 1\nnameOverride: \"\"\nfullnameOverride: \"\"\n\nresources: {}\n # We usually recommend not to specify default resources and to leave this as a conscious\n # choice for the user. This also increases chances charts run on environments with little\n # resources, such as Minikube. If you do want to specify resources, uncomment the following\n # lines, adjust them as necessary, and remove the curly braces after 'resources:'.\n # limits:\n # cpu: 100m\n # memory: 128Mi\n # requests:\n # cpu: 100m\n # memory: 128Mi\n\nnodeSelector: {}\n # node-role.kubernetes.io/node: \"true\"\n # tier: cs\n\ntolerations: []\n # - key: \"node-role.kubernetes.io/master\"\n # effect: NoSchedule\n\naffinity: {}\n", | |
| + "## Resources created by the ALB Ingress controller will be prefixed with this string\n## Required\nclusterName: eks-example\n\n## AWS region of k8s cluster, required if ec2metadata is unavailable from controller pod\n## Required if autoDiscoverAwsRegion != true\nawsRegion: \"\"\n\n## Auto Discover awsRegion from ec2metadata, set this to true and omit awsRegion when ec2metadata is available.\nautoDiscoverAwsRegion: true\n\n## VPC ID of k8s cluster, required if ec2metadata is unavailable from controller pod\n## Required if autoDiscoverAwsVpcID != true\nawsVpcID: \"vpc-xxx\"\n\n## Auto Discover awsVpcID from ec2metadata, set this to true and omit awsVpcID: \" when ec2metadata is available.\nautoDiscoverAwsVpcID: true\n\nscope:\n ## If provided, the ALB ingress controller will only act on Ingress resources annotated with this class\n ## Ref: https://github.com/kubernetes-sigs/aws-alb-ingress-controller/blob/master/docs/guide/controller/config.md#limiting-ingress-class\n ingressClass: alb\n\n ## If true, the ALB ingress controller will only act on Ingress resources in a single namespace\n ## Default: false; watch all namespaces\n singleNamespace: false\n\n ## If scope.singleNamespace=true, the ALB ingress controller will only act on Ingress resources in this namespace\n ## Ref: https://github.com/kubernetes-sigs/aws-alb-ingress-controller/blob/master/docs/guide/controller/config.md#limiting-namespaces\n ## Default: namespace of the ALB ingress controller\n watchNamespace: \"\"\n\nextraArgs: {}\n\nextraEnv: {}\n # AWS_ACCESS_KEY_ID: \"\"\n # AWS_SECRET_ACCESS_KEY: \"\"\n\npodAnnotations:\n iam.amazonaws.com/role: arn:aws:iam::xxxxxxxxxxxx:role/eks-example-alb-ingress-20190822022643213600000001\n\npodLabels: {}\n\n# whether configure readinessProbe on controller pod\nenableReadinessProbe: false\n\n# How often (in seconds) to check controller readiness\nreadinessProbeInterval: 60\n\n# How long to wait before timeout (in seconds) when checking controller readiness\nreadinessProbeTimeout: 3\n\n# How long to wait (in seconds) before checking the readiness probe\nreadinessProbeInitialDelay: 30\n\n# whether configure livenessProbe on controller pod\nenableLivenessProbe: false\n\n# How long to wait (in seconds) before checking the liveness probe\nlivenessProbeInitialDelay: 30\n\nrbac:\n ## If true, create & use RBAC resources\n ##\n create: true\n serviceAccountName: default\n\nimage:\n repository: docker.io/amazon/aws-alb-ingress-controller\n tag: \"v1.1.2\"\n pullPolicy: IfNotPresent\n\nreplicaCount: 1\nnameOverride: \"\"\nfullnameOverride: \"\"\n\nresources: {}\n # We usually recommend not to specify default resources and to leave this as a conscious\n # choice for the user. This also increases chances charts run on environments with little\n # resources, such as Minikube. If you do want to specify resources, uncomment the following\n # lines, adjust them as necessary, and remove the curly braces after 'resources:'.\n # limits:\n # cpu: 100m\n # memory: 128Mi\n # requests:\n # cpu: 100m\n # memory: 128Mi\n\nnodeSelector: {}\n # node-role.kubernetes.io/node: \"true\"\n # tier: cs\n\ntolerations: []\n # - key: \"node-role.kubernetes.io/master\"\n # effect: NoSchedule\n\naffinity: {}\n", | |
| ] | |
| verify = false | |
| version = "0.1.10" | |
| wait = true | |
| } | |
| # module.kube2iam.aws_iam_policy.kube2iam will be updated in-place | |
| ~ resource "aws_iam_policy" "kube2iam" { | |
| arn = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003" | |
| id = "arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003" | |
| name = "eks-example-20190822020947623100000003" | |
| name_prefix = "eks-example-" | |
| path = "/" | |
| ~ policy = jsonencode( | |
| ~ { | |
| ~ Statement = [ | |
| ~ { | |
| Action = "sts:AssumeRole" | |
| Effect = "Allow" | |
| ~ Resource = [ | |
| "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947624500000005", | |
| - "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-cluster-autoscaler-20190822020947622100000002", | |
| + "arn:aws:iam::xxxxxxxxxxxx:role/eks-example-alb-ingress-20190822022643213600000001", | |
| ] | |
| Sid = "" | |
| }, | |
| ] | |
| Version = "2012-10-17" | |
| } | |
| ) | |
| } | |
| Plan: 0 to add, 2 to change, 0 to destroy. | |
| Do you want to perform these actions? | |
| Terraform will perform the actions described above. | |
| Only 'yes' will be accepted to approve. | |
| Enter a value: yes | |
| module.kube2iam.aws_iam_policy.kube2iam: Modifying... [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0]: Modifying... [id=aws-alb-ingress-controller] | |
| module.kube2iam.aws_iam_policy.kube2iam: Modifications complete after 4s [id=arn:aws:iam::xxxxxxxxxxxx:policy/eks-example-20190822020947623100000003] | |
| module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0]: Still modifying... [id=aws-alb-ingress-controller, 10s elapsed] | |
| module.aws_alb_ingress_controller.helm_release.aws_alb_ingress_controller[0]: Modifications complete after 12s [id=aws-alb-ingress-controller] | |
| Apply complete! Resources: 0 added, 2 changed, 0 destroyed. | |
| Releasing state lock. This may take a few moments... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment