Я создал кластер EKS, используя terraform после создания. Я пытаюсь обновить один параметр, который endpoint_public_access=false
Но я получаю следующую ошибку
Ошибка: ошибка Обновление конфигурации кластера EKS (ec1-default-ics-common-alz-eks-cluster): InvalidParameterException: кластер уже находится в требуемой конфигурации с endpointPrivateAccess: false, endpointPublicAccess: true и Publi c Ограничения конечной точки: [0.0.0.0 / 0] {ClusterName: "ec1-default-ics-common-alz-eks-cluster", Message_: "Кластер уже находится в требуемой конфигурации с endpointPrivateAccess: false, endpointPublicAccess: true и общими ограничениями конечной точки: [0.0.0.0 / 0] "} on ../../terraform-hli-aws-eks/eks_cluster/main.tf строка 1, в ресурсе" aws_eks_cluster "," eks_cluster ": 1: ресурс" aws_eks_cluster "" eks_cluster "{
Вот план Terraform
~ resource "aws_eks_cluster" "eks_cluster" {
arn = "<arn>"
certificate_authority = [
{
data = "<datat>"
},
]
created_at = "2020-03-09 08:59:28 +0000 UTC"
enabled_cluster_log_types = [
"api",
"audit",
]
endpoint = "<url>.eks.amazonaws.com"
id = "ec1-default-ics-common-alz-eks-cluster"
identity = [
{
oidc = [
{
issuer = "<url>"
},
]
},
]
name = "ec1-default-ics-common-alz-eks-cluster"
platform_version = "eks.9"
role_arn = "<url>"
status = "ACTIVE"
tags = {
"Environment" = "common"
"Project" = "ics-dlt"
"Terraform" = "true"
}
version = "1.14"
~ vpc_config {
cluster_security_group_id = "sg-05ab244e50689862a"
endpoint_private_access = false
endpoint_public_access = true
~ public_access_cidrs = [
- "0.0.0.0/0",
]
security_group_ids = [
"sg-081527f14bf1a6646",
]
subnet_ids = [
"subnet-08011850bb5b7d7ca",
"subnet-0fab8917fdc533eb3",
]
vpc_id = "vpc-07ba84e4a6f54d91f"
}
}
Код Terraform
resource "aws_eks_cluster" "eks_cluster" {
name = var.name
role_arn = aws_iam_role.eks_cluster_role.arn
vpc_config {
subnet_ids = var.cluster_subnet_ids
endpoint_private_access = var.endpoint_private_access
endpoint_public_access = var.endpoint_public_access
public_access_cidrs = var.public_access_cidrs
security_group_ids = var.security_group_ids
}
enabled_cluster_log_types = var.enabled_cluster_log_types
tags = var.tags
depends_on = [
aws_iam_role_policy_attachment.eks_cluster_role-AmazonEKSClusterPolicy,
aws_iam_role_policy_attachment.eks_cluster_role-AmazonEKSServicePolicy,
]
}
data "template_file" "eks_cluster_role" {
template = "${file("${path.module}/roles/cluster_role.json")}"
}
resource "aws_iam_role" "eks_cluster_role" {
name = var.cluster_role_name
assume_role_policy = data.template_file.eks_cluster_role.rendered
}
resource "aws_iam_role_policy_attachment" "eks_cluster_role-AmazonEKSClusterPolicy" {
policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
role = aws_iam_role.eks_cluster_role.name
}
resource "aws_iam_role_policy_attachment" "eks_cluster_role-AmazonEKSServicePolicy" {
policy_arn = "arn:aws:iam::aws:policy/AmazonEKSServicePolicy"
role = aws_iam_role.eks_cluster_role.name
}