cloudposse · aknysh · Oct 6, 2023 · Aug 18, 2023 · Aug 18, 2023 · Aug 18, 2023
@@ -1,13 +1,14 @@
 {
   "extends": [
     "config:base",
-    ":preserveSemverRanges"
+    ":preserveSemverRanges",
+    ":rebaseStalePrs"
   ],
-  "baseBranches": ["main", "master", "/^release\\/v\\d{1,2}$/"],
+  "baseBranches": ["main"],
   "labels": ["auto-update"],
   "dependencyDashboardAutoclose": true,
   "enabledManagers": ["terraform"],
   "terraform": {
-    "ignorePaths": ["**/context.tf", "examples/**"]
+    "ignorePaths": ["**/context.tf"]
   }
 }
@@ -11,4 +11,4 @@ permissions:
 
 jobs:
   terraform-module:
-    uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release.yml@main
+    uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release-published.yml@main
@@ -281,24 +281,27 @@ Other examples:
     addons = [
       // https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html#vpc-cni-latest-available-version
       {
-        addon_name               = "vpc-cni"
-        addon_version            = var.vpc_cni_version
-        resolve_conflicts        = "NONE"
-        service_account_role_arn = null
+        addon_name                  = "vpc-cni"
+        addon_version               = var.vpc_cni_version
+        resolve_conflicts_on_create = "NONE"
+        resolve_conflicts_on_update = "NONE"
+        service_account_role_arn    = null
       },
       // https://docs.aws.amazon.com/eks/latest/userguide/managing-kube-proxy.html
       {
-        addon_name               = "kube-proxy"
-        addon_version            = var.kube_proxy_version
-        resolve_conflicts        = "NONE"
-        service_account_role_arn = null
+        addon_name                  = "kube-proxy"
+        addon_version               = var.kube_proxy_version
+        resolve_conflicts_on_create = "NONE"
+        resolve_conflicts_on_update = "NONE"
+        service_account_role_arn    = null
       },
       // https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html
       {
-        addon_name               = "coredns"
-        addon_version            = var.coredns_version
-        resolve_conflicts        = "NONE"
-        service_account_role_arn = null
+        addon_name                  = "coredns"
+        addon_version               = var.coredns_version
+        resolve_conflicts_on_create = "NONE"
+        resolve_conflicts_on_update = "NONE"
+        service_account_role_arn    = null
       },
     ]
     addons_depends_on = [module.eks_node_group]
@@ -416,7 +419,7 @@ Available targets:
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.46 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0.0 |
 | <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 2.7.1 |
 | <a name="requirement_null"></a> [null](#requirement\_null) | >= 2.0 |
 | <a name="requirement_tls"></a> [tls](#requirement\_tls) | >= 3.1.0, != 4.0.0 |
@@ -425,7 +428,7 @@ Available targets:
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.46 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0.0 |
 | <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | >= 2.7.1 |
 | <a name="provider_null"></a> [null](#provider\_null) | >= 2.0 |
 | <a name="provider_tls"></a> [tls](#provider\_tls) | >= 3.1.0, != 4.0.0 |
@@ -474,7 +477,7 @@ Available targets:
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_additional_tag_map"></a> [additional\_tag\_map](#input\_additional\_tag\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.<br>This is for some rare cases where resources want additional configuration of tags<br>and therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no |
-| <a name="input_addons"></a> [addons](#input\_addons) | Manages [`aws_eks_addon`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) resources | <pre>list(object({<br>    addon_name               = string<br>    addon_version            = optional(string, null)<br>    configuration_values     = optional(string, null)<br>    resolve_conflicts        = string<br>    service_account_role_arn = optional(string, null)<br>    create_timeout           = optional(string, null)<br>    update_timeout           = optional(string, null)<br>    delete_timeout           = optional(string, null)<br>  }))</pre> | `[]` | no |
+| <a name="input_addons"></a> [addons](#input\_addons) | Manages [`aws_eks_addon`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) resources | <pre>list(object({<br>    addon_name                  = string<br>    addon_version               = optional(string, null)<br>    configuration_values        = optional(string, null)<br>    resolve_conflicts_on_create = optional(string, null)<br>    resolve_conflicts_on_update = optional(string, null)<br>    service_account_role_arn    = optional(string, null)<br>    create_timeout              = optional(string, null)<br>    update_timeout              = optional(string, null)<br>    delete_timeout              = optional(string, null)<br>  }))</pre> | `[]` | no |
 | <a name="input_addons_depends_on"></a> [addons\_depends\_on](#input\_addons\_depends\_on) | If provided, all addons will depend on this object, and therefore not be installed until this object is finalized.<br>This is useful if you want to ensure that addons are not applied before some other condition is met, e.g. node groups are created.<br>See [issue #170](https://github.com/cloudposse/terraform-aws-eks-cluster/issues/170) for more details. | `any` | `null` | no |
 | <a name="input_allowed_cidr_blocks"></a> [allowed\_cidr\_blocks](#input\_allowed\_cidr\_blocks) | A list of IPv4 CIDRs to allow access to the cluster.<br>The length of this list must be known at "plan" time. | `list(string)` | `[]` | no |
 | <a name="input_allowed_security_group_ids"></a> [allowed\_security\_group\_ids](#input\_allowed\_security\_group\_ids) | A list of IDs of Security Groups to allow access to the cluster. | `list(string)` | `[]` | no |

@@ -245,24 +245,27 @@ usage: |2-
       addons = [
         // https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html#vpc-cni-latest-available-version
         {
-          addon_name               = "vpc-cni"
-          addon_version            = var.vpc_cni_version
-          resolve_conflicts        = "NONE"
-          service_account_role_arn = null
+          addon_name                  = "vpc-cni"
+          addon_version               = var.vpc_cni_version
+          resolve_conflicts_on_create = "NONE"
+          resolve_conflicts_on_update = "NONE"
+          service_account_role_arn    = null
         },
         // https://docs.aws.amazon.com/eks/latest/userguide/managing-kube-proxy.html
         {
-          addon_name               = "kube-proxy"
-          addon_version            = var.kube_proxy_version
-          resolve_conflicts        = "NONE"
-          service_account_role_arn = null
+          addon_name                  = "kube-proxy"
+          addon_version               = var.kube_proxy_version
+          resolve_conflicts_on_create = "NONE"
+          resolve_conflicts_on_update = "NONE"
+          service_account_role_arn    = null
         },
         // https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html
         {
-          addon_name               = "coredns"
-          addon_version            = var.coredns_version
-          resolve_conflicts        = "NONE"
-          service_account_role_arn = null
+          addon_name                  = "coredns"
+          addon_version               = var.coredns_version
+          resolve_conflicts_on_create = "NONE"
+          resolve_conflicts_on_update = "NONE"
+          service_account_role_arn    = null
         },
       ]
       addons_depends_on = [module.eks_node_group]

@@ -4,7 +4,7 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.46 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0.0 |
 | <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 2.7.1 |
 | <a name="requirement_null"></a> [null](#requirement\_null) | >= 2.0 |
 | <a name="requirement_tls"></a> [tls](#requirement\_tls) | >= 3.1.0, != 4.0.0 |
@@ -13,7 +13,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.46 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0.0 |
 | <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | >= 2.7.1 |
 | <a name="provider_null"></a> [null](#provider\_null) | >= 2.0 |
 | <a name="provider_tls"></a> [tls](#provider\_tls) | >= 3.1.0, != 4.0.0 |
@@ -62,7 +62,7 @@
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_additional_tag_map"></a> [additional\_tag\_map](#input\_additional\_tag\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.<br>This is for some rare cases where resources want additional configuration of tags<br>and therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no |
-| <a name="input_addons"></a> [addons](#input\_addons) | Manages [`aws_eks_addon`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) resources | <pre>list(object({<br>    addon_name               = string<br>    addon_version            = optional(string, null)<br>    configuration_values     = optional(string, null)<br>    resolve_conflicts        = string<br>    service_account_role_arn = optional(string, null)<br>    create_timeout           = optional(string, null)<br>    update_timeout           = optional(string, null)<br>    delete_timeout           = optional(string, null)<br>  }))</pre> | `[]` | no |
+| <a name="input_addons"></a> [addons](#input\_addons) | Manages [`aws_eks_addon`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) resources | <pre>list(object({<br>    addon_name                  = string<br>    addon_version               = optional(string, null)<br>    configuration_values        = optional(string, null)<br>    resolve_conflicts_on_create = optional(string, null)<br>    resolve_conflicts_on_update = optional(string, null)<br>    service_account_role_arn    = optional(string, null)<br>    create_timeout              = optional(string, null)<br>    update_timeout              = optional(string, null)<br>    delete_timeout              = optional(string, null)<br>  }))</pre> | `[]` | no |
 | <a name="input_addons_depends_on"></a> [addons\_depends\_on](#input\_addons\_depends\_on) | If provided, all addons will depend on this object, and therefore not be installed until this object is finalized.<br>This is useful if you want to ensure that addons are not applied before some other condition is met, e.g. node groups are created.<br>See [issue #170](https://github.com/cloudposse/terraform-aws-eks-cluster/issues/170) for more details. | `any` | `null` | no |
 | <a name="input_allowed_cidr_blocks"></a> [allowed\_cidr\_blocks](#input\_allowed\_cidr\_blocks) | A list of IPv4 CIDRs to allow access to the cluster.<br>The length of this list must be known at "plan" time. | `list(string)` | `[]` | no |
 | <a name="input_allowed_security_group_ids"></a> [allowed\_security\_group\_ids](#input\_allowed\_security\_group\_ids) | A list of IDs of Security Groups to allow access to the cluster. | `list(string)` | `[]` | no |

@@ -33,23 +33,26 @@ kubernetes_version = "1.26"
 addons = [
   // https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html#vpc-cni-latest-available-version
   {
-    addon_name               = "vpc-cni"
-    addon_version            = null
-    resolve_conflicts        = "NONE"
-    service_account_role_arn = null
+    addon_name                  = "vpc-cni"
+    addon_version               = null
+    resolve_conflicts_on_create = "NONE"
+    resolve_conflicts_on_update = "NONE"
+    service_account_role_arn    = null
   },
   // https://docs.aws.amazon.com/eks/latest/userguide/managing-kube-proxy.html
   {
-    addon_name               = "kube-proxy"
-    addon_version            = null
-    resolve_conflicts        = "NONE"
-    service_account_role_arn = null
+    addon_name                  = "kube-proxy"
+    addon_version               = null
+    resolve_conflicts_on_create = "NONE"
+    resolve_conflicts_on_update = "NONE"
+    service_account_role_arn    = null
   },
   // https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html
   {
-    addon_name               = "coredns"
-    addon_version            = null
-    resolve_conflicts        = "NONE"
-    service_account_role_arn = null
+    addon_name                  = "coredns"
+    addon_version               = null
+    resolve_conflicts_on_create = "NONE"
+    resolve_conflicts_on_update = "NONE"
+    service_account_role_arn    = null
   },
 ]
@@ -132,10 +132,11 @@ variable "cluster_encryption_config_resources" {
 
 variable "addons" {
   type = list(object({
-    addon_name               = string
-    addon_version            = string
-    resolve_conflicts        = string
-    service_account_role_arn = string
+    addon_name                  = string
+    addon_version               = string
+    resolve_conflicts_on_create = string
+    resolve_conflicts_on_update = string
+    service_account_role_arn    = string
   }))
   default     = []
   description = "Manages [`aws_eks_addon`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) resources."

@@ -142,12 +142,13 @@ resource "aws_eks_addon" "cluster" {
     addon.addon_name => addon
   } : {}
 
-  cluster_name             = one(aws_eks_cluster.default[*].name)
-  addon_name               = each.key
-  addon_version            = lookup(each.value, "addon_version", null)
-  configuration_values     = lookup(each.value, "configuration_values", null)
-  resolve_conflicts        = lookup(each.value, "resolve_conflicts", null)
-  service_account_role_arn = lookup(each.value, "service_account_role_arn", null)
+  cluster_name                = one(aws_eks_cluster.default[*].name)
+  addon_name                  = each.key
+  addon_version               = lookup(each.value, "addon_version", null)
+  configuration_values        = lookup(each.value, "configuration_values", null)
+  resolve_conflicts_on_create = lookup(each.value, "resolve_conflicts_on_create", null)
+  resolve_conflicts_on_update = lookup(each.value, "resolve_conflicts_on_update", null)
+  service_account_role_arn    = lookup(each.value, "service_account_role_arn", null)
 
   tags = module.label.tags
 

@@ -209,14 +209,15 @@ variable "cloudwatch_log_group_kms_key_id" {
 
 variable "addons" {
   type = list(object({
-    addon_name               = string
-    addon_version            = optional(string, null)
-    configuration_values     = optional(string, null)
-    resolve_conflicts        = string
-    service_account_role_arn = optional(string, null)
-    create_timeout           = optional(string, null)
-    update_timeout           = optional(string, null)
-    delete_timeout           = optional(string, null)
+    addon_name                  = string
+    addon_version               = optional(string, null)
+    configuration_values        = optional(string, null)
+    resolve_conflicts_on_create = optional(string, null)
+    resolve_conflicts_on_update = optional(string, null)
+    service_account_role_arn    = optional(string, null)
+    create_timeout              = optional(string, null)
+    update_timeout              = optional(string, null)
+    delete_timeout              = optional(string, null)
   }))
   description = "Manages [`aws_eks_addon`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) resources"
   default     = []

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 4.46"
+      version = ">= 5.0.0"
     }
     kubernetes = {
       source  = "hashicorp/kubernetes"