DEVHIDE
Login Or Sign up

How to manage data for a kubernetes_config_map without conflicts

893 Views Asked by At

Had an issue recently using the terraform-aws-eks module where we wanted to create the aws-auth config map and set the mapRoles and mapAccounts fields in the module but manage the mapUsers elsewhere.

kubernetes_config_map_v1_data seemed tailor made for this but we kept running into conflict issues where the fields created by kubernetes_config_map_v1_data kept wanting to get destroyed by the kubernetes_config_map resource.

We found a solution and put the answer below to anybody else having this issue.

kubernetes terraform terraform-provider-kubernetes terraform-aws-modules
Original Q&A
1

There are 1 best solutions below

0
On

terraform-aws-eks module version 17

within the terraform module aws-auth.tf:

resource "kubernetes_config_map" "aws_auth" {
  count = var.create_eks && var.manage_aws_auth ? 1 : 0

  metadata {
    name      = "aws-auth"
    namespace = "kube-system"
    labels = merge(
      {
        "app.kubernetes.io/managed-by" = "Terraform"
        # / are replaced by . because label validator fails in this lib
        # https://github.com/kubernetes/apimachinery/blob/1bdd76d09076d4dc0362456e59c8f551f5f24a72/pkg/util/validation/validation.go#L166
        "terraform.io/module" = "terraform-aws-modules.eks.aws"
      },
      var.aws_auth_additional_labels
    )
  }

  lifecycle {
    ignore_changes = [
      data,
    ]
  }

  depends_on = [data.http.wait_for_cluster[0]]
}

resource "kubernetes_config_map_v1_data" "aws_auth" {
  count = var.create_eks && var.manage_aws_auth ? 1 : 0

  metadata {
    name      = "aws-auth"
    namespace = "kube-system"
  }

  data = {
    mapRoles = yamlencode(
      distinct(concat(
        local.configmap_roles,
        var.map_roles,
      ))
    )
    mapAccounts = yamlencode(var.map_accounts)
  }

  field_manager = "aws-eks-module"

  depends_on = [data.http.wait_for_cluster[0], kubernetes_config_map.aws_auth[0]]
}

From another repo:

resource "kubernetes_config_map_v1_data" "aws_auth_example" {
  metadata {
    name      = "aws-auth"
    namespace = "kube-system"
  }

  data = {
    mapUsers = yamlencode(var.users)
  }

  field_manager = "example"
}

Related Questions in KUBERNETES

Related Questions in TERRAFORM

Related Questions in TERRAFORM-PROVIDER-KUBERNETES

Related Questions in TERRAFORM-AWS-MODULES

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.