Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

GitHub Workflow PR Example: See Inkdrop in action #5

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Conversation

albschi
Copy link
Contributor

@albschi albschi commented Apr 5, 2024

Here is an example of a Pull Request running a reusable GH action with Inkdrop

@albschi albschi self-assigned this Apr 5, 2024
Copy link
Contributor

github-actions bot commented Apr 5, 2024

Terraform Plan Output

See output
module.lambda-file-systems.data.archive_file.zip: Reading...
module.eks.data.http.workstation-external-ip: Reading...
module.lambda-file-systems.data.archive_file.zip: Read complete after 0s [id=7aa2bb50d6935e8ee924d21832910de2a59fe05b]
module.eks.data.http.workstation-external-ip: Read complete after 0s [id=http://ipv4.icanhazip.com]
module.lambda-file-systems.data.aws_iam_policy_document.assume_role_policy: Reading...
module.lambda-file-systems.data.aws_partition.current: Reading...
module.lambda-file-systems.data.aws_availability_zones.available: Reading...
module.lambda-file-systems.data.aws_partition.current: Read complete after 0s [id=aws]
module.lambda-file-systems.data.aws_iam_policy_document.assume_role_policy: Read complete after 0s [id=2690255455]
module.lambda-file-systems.data.aws_iam_policy.AmazonElasticFileSystemClientFullAccess: Reading...
module.lambda-file-systems.data.aws_iam_policy.AWSLambdaVPCAccessExecutionRole: Reading...
module.lambda-file-systems.data.aws_availability_zones.available: Read complete after 0s [id=us-east-1]
module.lambda-file-systems.data.aws_iam_policy.AWSLambdaVPCAccessExecutionRole: Read complete after 0s [id=arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole]
module.lambda-file-systems.data.aws_iam_policy.AmazonElasticFileSystemClientFullAccess: Read complete after 0s [id=arn:aws:iam::aws:policy/AmazonElasticFileSystemClientFullAccess]
module.eks.data.aws_availability_zones.available: Reading...
module.ecs-alb.data.aws_ssm_parameter.ecs_image_id: Reading...
module.ecs-alb.data.aws_availability_zones.available: Reading...
module.ecs-alb.data.aws_region.current: Reading...
module.ecs-alb.data.aws_region.current: Read complete after 0s [id=us-west-2]
module.sagemaker.data.aws_region.current: Reading...
module.sagemaker.data.aws_caller_identity.current: Reading...
module.sagemaker.data.aws_iam_policy_document.assume_role: Reading...
module.sagemaker.data.aws_iam_policy_document.assume_role: Read complete after 0s [id=1147345228]
module.sagemaker.data.aws_region.current: Read complete after 0s [id=us-west-2]
module.sagemaker.data.aws_caller_identity.current: Read complete after 0s [id=425443422359]
module.eks.data.aws_availability_zones.available: Read complete after 0s [id=us-west-2]
module.ecs-alb.data.aws_availability_zones.available: Read complete after 0s [id=us-west-2]
module.ecs-alb.data.aws_ssm_parameter.ecs_image_id: Read complete after 0s [id=/aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create
 <= read (data resources)

Terraform will perform the following actions:

  # module.ecs-alb.aws_alb.main will be created
  + resource "aws_alb" "main" {
      + arn                                                          = (known after apply)
      + arn_suffix                                                   = (known after apply)
      + desync_mitigation_mode                                       = "defensive"
      + dns_name                                                     = (known after apply)
      + drop_invalid_header_fields                                   = false
      + enable_deletion_protection                                   = false
      + enable_http2                                                 = true
      + enable_tls_version_and_cipher_suite_headers                  = false
      + enable_waf_fail_open                                         = false
      + enable_xff_client_port                                       = false
      + enforce_security_group_inbound_rules_on_private_link_traffic = (known after apply)
      + id                                                           = (known after apply)
      + idle_timeout                                                 = 60
      + internal                                                     = (known after apply)
      + ip_address_type                                              = (known after apply)
      + load_balancer_type                                           = "application"
      + name                                                         = "tf-example-alb-ecs"
      + name_prefix                                                  = (known after apply)
      + preserve_host_header                                         = false
      + security_groups                                              = (known after apply)
      + subnets                                                      = (known after apply)
      + tags_all                                                     = (known after apply)
      + vpc_id                                                       = (known after apply)
      + xff_header_processing_mode                                   = "append"
      + zone_id                                                      = (known after apply)
    }

  # module.ecs-alb.aws_alb_listener.front_end will be created
  + resource "aws_alb_listener" "front_end" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + load_balancer_arn = (known after apply)
      + port              = 80
      + protocol          = "HTTP"
      + ssl_policy        = (known after apply)
      + tags_all          = (known after apply)

      + default_action {
          + order            = (known after apply)
          + target_group_arn = (known after apply)
          + type             = "forward"
        }
    }

  # module.ecs-alb.aws_alb_target_group.test will be created
  + resource "aws_alb_target_group" "test" {
      + arn                                = (known after apply)
      + arn_suffix                         = (known after apply)
      + connection_termination             = (known after apply)
      + deregistration_delay               = "300"
      + id                                 = (known after apply)
      + ip_address_type                    = (known after apply)
      + lambda_multi_value_headers_enabled = false
      + load_balancer_arns                 = (known after apply)
      + load_balancing_algorithm_type      = (known after apply)
      + load_balancing_anomaly_mitigation  = (known after apply)
      + load_balancing_cross_zone_enabled  = (known after apply)
      + name                               = "tf-example-ecs-ghost"
      + name_prefix                        = (known after apply)
      + port                               = 8080
      + preserve_client_ip                 = (known after apply)
      + protocol                           = "HTTP"
      + protocol_version                   = (known after apply)
      + proxy_protocol_v2                  = false
      + slow_start                         = 0
      + tags_all                           = (known after apply)
      + target_type                        = "instance"
      + vpc_id                             = (known after apply)
    }

  # module.ecs-alb.aws_autoscaling_group.app will be created
  + resource "aws_autoscaling_group" "app" {
      + arn                              = (known after apply)
      + availability_zones               = (known after apply)
      + default_cooldown                 = (known after apply)
      + desired_capacity                 = 1
      + force_delete                     = false
      + force_delete_warm_pool           = false
      + health_check_grace_period        = 300
      + health_check_type                = (known after apply)
      + id                               = (known after apply)
      + ignore_failed_scaling_activities = false
      + launch_configuration             = (known after apply)
      + load_balancers                   = (known after apply)
      + max_size                         = 2
      + metrics_granularity              = "1Minute"
      + min_size                         = 1
      + name                             = "tf-test-asg"
      + name_prefix                      = (known after apply)
      + predicted_capacity               = (known after apply)
      + protect_from_scale_in            = false
      + service_linked_role_arn          = (known after apply)
      + target_group_arns                = (known after apply)
      + vpc_zone_identifier              = (known after apply)
      + wait_for_capacity_timeout        = "10m"
      + warm_pool_size                   = (known after apply)
    }

  # module.ecs-alb.aws_cloudwatch_log_group.app will be created
  + resource "aws_cloudwatch_log_group" "app" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + log_group_class   = (known after apply)
      + name              = "tf-ecs-group/app-ghost"
      + name_prefix       = (known after apply)
      + retention_in_days = 0
      + skip_destroy      = false
      + tags_all          = (known after apply)
    }

  # module.ecs-alb.aws_cloudwatch_log_group.ecs will be created
  + resource "aws_cloudwatch_log_group" "ecs" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + log_group_class   = (known after apply)
      + name              = "tf-ecs-group/ecs-agent"
      + name_prefix       = (known after apply)
      + retention_in_days = 0
      + skip_destroy      = false
      + tags_all          = (known after apply)
    }

  # module.ecs-alb.aws_ecs_cluster.main will be created
  + resource "aws_ecs_cluster" "main" {
      + arn      = (known after apply)
      + id       = (known after apply)
      + name     = "terraform_example_ecs_cluster"
      + tags_all = (known after apply)
    }

  # module.ecs-alb.aws_ecs_service.test will be created
  + resource "aws_ecs_service" "test" {
      + cluster                            = (known after apply)
      + deployment_maximum_percent         = 200
      + deployment_minimum_healthy_percent = 100
      + desired_count                      = 1
      + enable_ecs_managed_tags            = false
      + enable_execute_command             = false
      + iam_role                           = "tf_example_ecs_role"
      + id                                 = (known after apply)
      + launch_type                        = (known after apply)
      + name                               = "tf-example-ecs-ghost"
      + platform_version                   = (known after apply)
      + scheduling_strategy                = "REPLICA"
      + tags_all                           = (known after apply)
      + task_definition                    = (known after apply)
      + triggers                           = (known after apply)
      + wait_for_steady_state              = false

      + load_balancer {
          + container_name   = "ghost"
          + container_port   = 2368
          + target_group_arn = (known after apply)
        }
    }

  # module.ecs-alb.aws_ecs_task_definition.ghost will be created
  + resource "aws_ecs_task_definition" "ghost" {
      + arn                   = (known after apply)
      + arn_without_revision  = (known after apply)
      + container_definitions = jsonencode(
            [
              + {
                  + cpu              = 256
                  + essential        = true
                  + image            = "ghost:latest"
                  + logConfiguration = {
                      + logDriver = "awslogs"
                      + options   = {
                          + awslogs-group  = "tf-ecs-group/app-ghost"
                          + awslogs-region = "us-west-2"
                        }
                    }
                  + memory           = 512
                  + name             = "ghost"
                  + portMappings     = [
                      + {
                          + containerPort = 2368
                          + hostPort      = 0
                        },
                    ]
                },
            ]
        )
      + family                = "tf_example_ghost_td"
      + id                    = (known after apply)
      + network_mode          = (known after apply)
      + revision              = (known after apply)
      + skip_destroy          = false
      + tags_all              = (known after apply)
      + track_latest          = false
    }

  # module.ecs-alb.aws_iam_instance_profile.app will be created
  + resource "aws_iam_instance_profile" "app" {
      + arn         = (known after apply)
      + create_date = (known after apply)
      + id          = (known after apply)
      + name        = "tf-ecs-instprofile"
      + name_prefix = (known after apply)
      + path        = "/"
      + role        = "tf-ecs-example-instance-role"
      + tags_all    = (known after apply)
      + unique_id   = (known after apply)
    }

  # module.ecs-alb.aws_iam_role.app_instance will be created
  + resource "aws_iam_role" "app_instance" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "ec2.amazonaws.com"
                        }
                      + Sid       = ""
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "tf-ecs-example-instance-role"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags_all              = (known after apply)
      + unique_id             = (known after apply)
    }

  # module.ecs-alb.aws_iam_role.ecs_service will be created
  + resource "aws_iam_role" "ecs_service" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "ecs.amazonaws.com"
                        }
                      + Sid       = ""
                    },
                ]
              + Version   = "2008-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "tf_example_ecs_role"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags_all              = (known after apply)
      + unique_id             = (known after apply)
    }

  # module.ecs-alb.aws_iam_role_policy.ecs_service will be created
  + resource "aws_iam_role_policy" "ecs_service" {
      + id          = (known after apply)
      + name        = "tf_example_ecs_policy"
      + name_prefix = (known after apply)
      + policy      = jsonencode(
            {
              + Statement = [
                  + {
                      + Action   = [
                          + "ec2:Describe*",
                          + "elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
                          + "elasticloadbalancing:DeregisterTargets",
                          + "elasticloadbalancing:Describe*",
                          + "elasticloadbalancing:RegisterInstancesWithLoadBalancer",
                          + "elasticloadbalancing:RegisterTargets",
                        ]
                      + Effect   = "Allow"
                      + Resource = "*"
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + role        = "tf_example_ecs_role"
    }

  # module.ecs-alb.aws_iam_role_policy.instance will be created
  + resource "aws_iam_role_policy" "instance" {
      + id          = (known after apply)
      + name        = "TfEcsExampleInstanceRole"
      + name_prefix = (known after apply)
      + policy      = (known after apply)
      + role        = "tf-ecs-example-instance-role"
    }

  # module.ecs-alb.aws_internet_gateway.gw will be created
  + resource "aws_internet_gateway" "gw" {
      + arn      = (known after apply)
      + id       = (known after apply)
      + owner_id = (known after apply)
      + tags_all = (known after apply)
      + vpc_id   = (known after apply)
    }

  # module.ecs-alb.aws_launch_configuration.app will be created
  + resource "aws_launch_configuration" "app" {
      + arn                         = (known after apply)
      + associate_public_ip_address = true
      + ebs_optimized               = (known after apply)
      + enable_monitoring           = true
      + iam_instance_profile        = "tf-ecs-instprofile"
      + id                          = (known after apply)
      + image_id                    = (sensitive value)
      + instance_type               = "t3.small"
      + key_name                    = (known after apply)
      + name                        = (known after apply)
      + name_prefix                 = (known after apply)
      + security_groups             = (known after apply)
      + user_data                   = "2ff8433d20c5b88c9d98ee879370f703e9280e55"
    }

  # module.ecs-alb.aws_route_table.r will be created
  + resource "aws_route_table" "r" {
      + arn              = (known after apply)
      + id               = (known after apply)
      + owner_id         = (known after apply)
      + propagating_vgws = (known after apply)
      + route            = [
          + {
              + carrier_gateway_id         = ""
              + cidr_block                 = "0.0.0.0/0"
              + core_network_arn           = ""
              + destination_prefix_list_id = ""
              + egress_only_gateway_id     = ""
              + gateway_id                 = (known after apply)
              + ipv6_cidr_block            = ""
              + local_gateway_id           = ""
              + nat_gateway_id             = ""
              + network_interface_id       = ""
              + transit_gateway_id         = ""
              + vpc_endpoint_id            = ""
              + vpc_peering_connection_id  = ""
            },
        ]
      + tags_all         = (known after apply)
      + vpc_id           = (known after apply)
    }

  # module.ecs-alb.aws_route_table_association.a[0] will be created
  + resource "aws_route_table_association" "a" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.ecs-alb.aws_route_table_association.a[1] will be created
  + resource "aws_route_table_association" "a" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.ecs-alb.aws_security_group.instance_sg will be created
  + resource "aws_security_group" "instance_sg" {
      + arn                    = (known after apply)
      + description            = "controls direct access to application instances"
      + egress                 = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = []
              + self             = false
              + to_port          = 0
            },
        ]
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = [
                  + "1.2.3.4/32",
                ]
              + description      = ""
              + from_port        = 22
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = false
              + to_port          = 22
            },
          + {
              + cidr_blocks      = []
              + description      = ""
              + from_port        = 32768
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = (known after apply)
              + self             = false
              + to_port          = 61000
            },
        ]
      + name                   = "tf-ecs-instsg"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = (known after apply)
      + vpc_id                 = (known after apply)
    }

  # module.ecs-alb.aws_security_group.lb_sg will be created
  + resource "aws_security_group" "lb_sg" {
      + arn                    = (known after apply)
      + description            = "controls access to the application ELB"
      + egress                 = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = []
              + self             = false
              + to_port          = 0
            },
        ]
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 80
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = false
              + to_port          = 80
            },
        ]
      + name                   = "tf-ecs-lbsg"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = (known after apply)
      + vpc_id                 = (known after apply)
    }

  # module.ecs-alb.aws_subnet.main[0] will be created
  + resource "aws_subnet" "main" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "us-west-2a"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.10.0.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags_all                                       = (known after apply)
      + vpc_id                                         = (known after apply)
    }

  # module.ecs-alb.aws_subnet.main[1] will be created
  + resource "aws_subnet" "main" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "us-west-2b"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.10.1.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags_all                                       = (known after apply)
      + vpc_id                                         = (known after apply)
    }

  # module.ecs-alb.aws_vpc.main will be created
  + resource "aws_vpc" "main" {
      + arn                                  = (known after apply)
      + cidr_block                           = "10.10.0.0/16"
      + default_network_acl_id               = (known after apply)
      + default_route_table_id               = (known after apply)
      + default_security_group_id            = (known after apply)
      + dhcp_options_id                      = (known after apply)
      + enable_dns_hostnames                 = (known after apply)
      + enable_dns_support                   = true
      + enable_network_address_usage_metrics = (known after apply)
      + id                                   = (known after apply)
      + instance_tenancy                     = "default"
      + ipv6_association_id                  = (known after apply)
      + ipv6_cidr_block                      = (known after apply)
      + ipv6_cidr_block_network_border_group = (known after apply)
      + main_route_table_id                  = (known after apply)
      + owner_id                             = (known after apply)
      + tags_all                             = (known after apply)
    }

  # module.eks.aws_eks_cluster.demo will be created
  + resource "aws_eks_cluster" "demo" {
      + arn                   = (known after apply)
      + certificate_authority = (known after apply)
      + cluster_id            = (known after apply)
      + created_at            = (known after apply)
      + endpoint              = (known after apply)
      + id                    = (known after apply)
      + identity              = (known after apply)
      + name                  = "terraform-eks-demo"
      + platform_version      = (known after apply)
      + role_arn              = (known after apply)
      + status                = (known after apply)
      + tags_all              = (known after apply)
      + version               = (known after apply)

      + vpc_config {
          + cluster_security_group_id = (known after apply)
          + endpoint_private_access   = false
          + endpoint_public_access    = true
          + public_access_cidrs       = (known after apply)
          + security_group_ids        = (known after apply)
          + subnet_ids                = (known after apply)
          + vpc_id                    = (known after apply)
        }
    }

  # module.eks.aws_eks_node_group.demo will be created
  + resource "aws_eks_node_group" "demo" {
      + ami_type               = (known after apply)
      + arn                    = (known after apply)
      + capacity_type          = (known after apply)
      + cluster_name           = "terraform-eks-demo"
      + disk_size              = (known after apply)
      + id                     = (known after apply)
      + instance_types         = (known after apply)
      + node_group_name        = "demo"
      + node_group_name_prefix = (known after apply)
      + node_role_arn          = (known after apply)
      + release_version        = (known after apply)
      + resources              = (known after apply)
      + status                 = (known after apply)
      + subnet_ids             = (known after apply)
      + tags_all               = (known after apply)
      + version                = (known after apply)

      + scaling_config {
          + desired_size = 1
          + max_size     = 1
          + min_size     = 1
        }
    }

  # module.eks.aws_iam_role.demo-cluster will be created
  + resource "aws_iam_role" "demo-cluster" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "eks.amazonaws.com"
                        }
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "terraform-eks-demo-cluster"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags_all              = (known after apply)
      + unique_id             = (known after apply)
    }

  # module.eks.aws_iam_role.demo-node will be created
  + resource "aws_iam_role" "demo-node" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "ec2.amazonaws.com"
                        }
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "terraform-eks-demo-node"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags_all              = (known after apply)
      + unique_id             = (known after apply)
    }

  # module.eks.aws_iam_role_policy_attachment.demo-cluster-AmazonEKSClusterPolicy will be created
  + resource "aws_iam_role_policy_attachment" "demo-cluster-AmazonEKSClusterPolicy" {
      + id         = (known after apply)
      + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
      + role       = "terraform-eks-demo-cluster"
    }

  # module.eks.aws_iam_role_policy_attachment.demo-cluster-AmazonEKSVPCResourceController will be created
  + resource "aws_iam_role_policy_attachment" "demo-cluster-AmazonEKSVPCResourceController" {
      + id         = (known after apply)
      + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSVPCResourceController"
      + role       = "terraform-eks-demo-cluster"
    }

  # module.eks.aws_iam_role_policy_attachment.demo-node-AmazonEC2ContainerRegistryReadOnly will be created
  + resource "aws_iam_role_policy_attachment" "demo-node-AmazonEC2ContainerRegistryReadOnly" {
      + id         = (known after apply)
      + policy_arn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
      + role       = "terraform-eks-demo-node"
    }

  # module.eks.aws_iam_role_policy_attachment.demo-node-AmazonEKSWorkerNodePolicy will be created
  + resource "aws_iam_role_policy_attachment" "demo-node-AmazonEKSWorkerNodePolicy" {
      + id         = (known after apply)
      + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy"
      + role       = "terraform-eks-demo-node"
    }

  # module.eks.aws_iam_role_policy_attachment.demo-node-AmazonEKS_CNI_Policy will be created
  + resource "aws_iam_role_policy_attachment" "demo-node-AmazonEKS_CNI_Policy" {
      + id         = (known after apply)
      + policy_arn = "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"
      + role       = "terraform-eks-demo-node"
    }

  # module.eks.aws_internet_gateway.demo will be created
  + resource "aws_internet_gateway" "demo" {
      + arn      = (known after apply)
      + id       = (known after apply)
      + owner_id = (known after apply)
      + tags     = {
          + "Name" = "terraform-eks-demo"
        }
      + tags_all = {
          + "Name" = "terraform-eks-demo"
        }
      + vpc_id   = (known after apply)
    }

  # module.eks.aws_route_table.demo will be created
  + resource "aws_route_table" "demo" {
      + arn              = (known after apply)
      + id               = (known after apply)
      + owner_id         = (known after apply)
      + propagating_vgws = (known after apply)
      + route            = [
          + {
              + carrier_gateway_id         = ""
              + cidr_block                 = "0.0.0.0/0"
              + core_network_arn           = ""
              + destination_prefix_list_id = ""
              + egress_only_gateway_id     = ""
              + gateway_id                 = (known after apply)
              + ipv6_cidr_block            = ""
              + local_gateway_id           = ""
              + nat_gateway_id             = ""
              + network_interface_id       = ""
              + transit_gateway_id         = ""
              + vpc_endpoint_id            = ""
              + vpc_peering_connection_id  = ""
            },
        ]
      + tags_all         = (known after apply)
      + vpc_id           = (known after apply)
    }

  # module.eks.aws_route_table_association.demo[0] will be created
  + resource "aws_route_table_association" "demo" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.eks.aws_route_table_association.demo[1] will be created
  + resource "aws_route_table_association" "demo" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.eks.aws_security_group.demo-cluster will be created
  + resource "aws_security_group" "demo-cluster" {
      + arn                    = (known after apply)
      + description            = "Cluster communication with worker nodes"
      + egress                 = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = []
              + self             = false
              + to_port          = 0
            },
        ]
      + id                     = (known after apply)
      + ingress                = (known after apply)
      + name                   = "terraform-eks-demo-cluster"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "Name" = "terraform-eks-demo"
        }
      + tags_all               = {
          + "Name" = "terraform-eks-demo"
        }
      + vpc_id                 = (known after apply)
    }

  # module.eks.aws_security_group_rule.demo-cluster-ingress-workstation-https will be created
  + resource "aws_security_group_rule" "demo-cluster-ingress-workstation-https" {
      + cidr_blocks              = [
          + "20.51.198.167/32",
        ]
      + description              = "Allow workstation to communicate with the cluster API Server"
      + from_port                = 443
      + id                       = (known after apply)
      + protocol                 = "tcp"
      + security_group_id        = (known after apply)
      + security_group_rule_id   = (known after apply)
      + self                     = false
      + source_security_group_id = (known after apply)
      + to_port                  = 443
      + type                     = "ingress"
    }

  # module.eks.aws_subnet.demo[0] will be created
  + resource "aws_subnet" "demo" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "us-west-2a"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.0.0.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_public_ip_on_launch                        = true
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Name"                                     = "terraform-eks-demo-node"
          + "kubernetes.io/cluster/terraform-eks-demo" = "shared"
        }
      + tags_all                                       = {
          + "Name"                                     = "terraform-eks-demo-node"
          + "kubernetes.io/cluster/terraform-eks-demo" = "shared"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.eks.aws_subnet.demo[1] will be created
  + resource "aws_subnet" "demo" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "us-west-2b"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.0.1.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_public_ip_on_launch                        = true
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Name"                                     = "terraform-eks-demo-node"
          + "kubernetes.io/cluster/terraform-eks-demo" = "shared"
        }
      + tags_all                                       = {
          + "Name"                                     = "terraform-eks-demo-node"
          + "kubernetes.io/cluster/terraform-eks-demo" = "shared"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.eks.aws_vpc.demo will be created
  + resource "aws_vpc" "demo" {
      + arn                                  = (known after apply)
      + cidr_block                           = "10.0.0.0/16"
      + default_network_acl_id               = (known after apply)
      + default_route_table_id               = (known after apply)
      + default_security_group_id            = (known after apply)
      + dhcp_options_id                      = (known after apply)
      + enable_dns_hostnames                 = (known after apply)
      + enable_dns_support                   = true
      + enable_network_address_usage_metrics = (known after apply)
      + id                                   = (known after apply)
      + instance_tenancy                     = "default"
      + ipv6_association_id                  = (known after apply)
      + ipv6_cidr_block                      = (known after apply)
      + ipv6_cidr_block_network_border_group = (known after apply)
      + main_route_table_id                  = (known after apply)
      + owner_id                             = (known after apply)
      + tags                                 = {
          + "Name"                                     = "terraform-eks-demo-node"
          + "kubernetes.io/cluster/terraform-eks-demo" = "shared"
        }
      + tags_all                             = {
          + "Name"                                     = "terraform-eks-demo-node"
          + "kubernetes.io/cluster/terraform-eks-demo" = "shared"
        }
    }

  # module.elb.aws_elb.web will be created
  + resource "aws_elb" "web" {
      + arn                         = (known after apply)
      + availability_zones          = (known after apply)
      + connection_draining         = true
      + connection_draining_timeout = 400
      + cross_zone_load_balancing   = true
      + desync_mitigation_mode      = "defensive"
      + dns_name                    = (known after apply)
      + id                          = (known after apply)
      + idle_timeout                = 400
      + instances                   = (known after apply)
      + internal                    = (known after apply)
      + name                        = "example-elb"
      + name_prefix                 = (known after apply)
      + security_groups             = (known after apply)
      + source_security_group       = (known after apply)
      + source_security_group_id    = (known after apply)
      + subnets                     = (known after apply)
      + tags_all                    = (known after apply)
      + zone_id                     = (known after apply)

      + health_check {
          + healthy_threshold   = 2
          + interval            = 30
          + target              = "HTTP:80/"
          + timeout             = 3
          + unhealthy_threshold = 2
        }

      + listener {
          + instance_port     = 80
          + instance_protocol = "http"
          + lb_port           = 80
          + lb_protocol       = "http"
        }
    }

  # module.elb.aws_instance.web will be created
  + resource "aws_instance" "web" {
      + ami                                  = "ami-5f709f34"
      + arn                                  = (known after apply)
      + associate_public_ip_address          = (known after apply)
      + availability_zone                    = (known after apply)
      + cpu_core_count                       = (known after apply)
      + cpu_threads_per_core                 = (known after apply)
      + disable_api_stop                     = (known after apply)
      + disable_api_termination              = (known after apply)
      + ebs_optimized                        = (known after apply)
      + get_password_data                    = false
      + host_id                              = (known after apply)
      + host_resource_group_arn              = (known after apply)
      + iam_instance_profile                 = (known after apply)
      + id                                   = (known after apply)
      + instance_initiated_shutdown_behavior = (known after apply)
      + instance_lifecycle                   = (known after apply)
      + instance_state                       = (known after apply)
      + instance_type                        = "t2.micro"
      + ipv6_address_count                   = (known after apply)
      + ipv6_addresses                       = (known after apply)
      + key_name                             = "terraform-aws-provider-example"
      + monitoring                           = (known after apply)
      + outpost_arn                          = (known after apply)
      + password_data                        = (known after apply)
      + placement_group                      = (known after apply)
      + placement_partition_number           = (known after apply)
      + primary_network_interface_id         = (known after apply)
      + private_dns                          = (known after apply)
      + private_ip                           = (known after apply)
      + public_dns                           = (known after apply)
      + public_ip                            = (known after apply)
      + secondary_private_ips                = (known after apply)
      + security_groups                      = (known after apply)
      + source_dest_check                    = true
      + spot_instance_request_id             = (known after apply)
      + subnet_id                            = (known after apply)
      + tags                                 = {
          + "Name" = "elb-example"
        }
      + tags_all                             = {
          + "Name" = "elb-example"
        }
      + tenancy                              = (known after apply)
      + user_data                            = "a41cf0adaab665823c19a8f869f1cb12d597660b"
      + user_data_base64                     = (known after apply)
      + user_data_replace_on_change          = false
      + vpc_security_group_ids               = (known after apply)
    }

  # module.elb.aws_internet_gateway.gw will be created
  + resource "aws_internet_gateway" "gw" {
      + arn      = (known after apply)
      + id       = (known after apply)
      + owner_id = (known after apply)
      + tags     = {
          + "Name" = "tf_test_ig"
        }
      + tags_all = {
          + "Name" = "tf_test_ig"
        }
      + vpc_id   = (known after apply)
    }

  # module.elb.aws_lb_cookie_stickiness_policy.default will be created
  + resource "aws_lb_cookie_stickiness_policy" "default" {
      + cookie_expiration_period = 600
      + id                       = (known after apply)
      + lb_port                  = 80
      + load_balancer            = (known after apply)
      + name                     = "lbpolicy"
    }

  # module.elb.aws_route_table.r will be created
  + resource "aws_route_table" "r" {
      + arn              = (known after apply)
      + id               = (known after apply)
      + owner_id         = (known after apply)
      + propagating_vgws = (known after apply)
      + route            = [
          + {
              + carrier_gateway_id         = ""
              + cidr_block                 = "0.0.0.0/0"
              + core_network_arn           = ""
              + destination_prefix_list_id = ""
              + egress_only_gateway_id     = ""
              + gateway_id                 = (known after apply)
              + ipv6_cidr_block            = ""
              + local_gateway_id           = ""
              + nat_gateway_id             = ""
              + network_interface_id       = ""
              + transit_gateway_id         = ""
              + vpc_endpoint_id            = ""
              + vpc_peering_connection_id  = ""
            },
        ]
      + tags             = {
          + "Name" = "aws_route_table"
        }
      + tags_all         = {
          + "Name" = "aws_route_table"
        }
      + vpc_id           = (known after apply)
    }

  # module.elb.aws_route_table_association.a will be created
  + resource "aws_route_table_association" "a" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.elb.aws_security_group.default will be created
  + resource "aws_security_group" "default" {
      + arn                    = (known after apply)
      + description            = "Used in the terraform"
      + egress                 = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = []
              + self             = false
              + to_port          = 0
            },
        ]
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 22
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = false
              + to_port          = 22
            },
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 80
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = false
              + to_port          = 80
            },
        ]
      + name                   = "instance_sg"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = (known after apply)
      + vpc_id                 = (known after apply)
    }

  # module.elb.aws_security_group.elb will be created
  + resource "aws_security_group" "elb" {
      + arn                    = (known after apply)
      + description            = "Used in the terraform"
      + egress                 = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = []
              + self             = false
              + to_port          = 0
            },
        ]
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 80
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = false
              + to_port          = 80
            },
        ]
      + name                   = "elb_sg"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = (known after apply)
      + vpc_id                 = (known after apply)
    }

  # module.elb.aws_subnet.tf_test_subnet will be created
  + resource "aws_subnet" "tf_test_subnet" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = (known after apply)
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.0.0.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_public_ip_on_launch                        = true
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Name" = "tf_test_subnet"
        }
      + tags_all                                       = {
          + "Name" = "tf_test_subnet"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.elb.aws_vpc.default will be created
  + resource "aws_vpc" "default" {
      + arn                                  = (known after apply)
      + cidr_block                           = "10.0.0.0/16"
      + default_network_acl_id               = (known after apply)
      + default_route_table_id               = (known after apply)
      + default_security_group_id            = (known after apply)
      + dhcp_options_id                      = (known after apply)
      + enable_dns_hostnames                 = true
      + enable_dns_support                   = true
      + enable_network_address_usage_metrics = (known after apply)
      + id                                   = (known after apply)
      + instance_tenancy                     = "default"
      + ipv6_association_id                  = (known after apply)
      + ipv6_cidr_block                      = (known after apply)
      + ipv6_cidr_block_network_border_group = (known after apply)
      + main_route_table_id                  = (known after apply)
      + owner_id                             = (known after apply)
      + tags                                 = {
          + "Name" = "tf_test"
        }
      + tags_all                             = {
          + "Name" = "tf_test"
        }
    }

  # module.lambda-file-systems.aws_default_security_group.default will be created
  + resource "aws_default_security_group" "default" {
      + arn                    = (known after apply)
      + description            = (known after apply)
      + egress                 = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = []
              + self             = false
              + to_port          = 0
            },
        ]
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = []
              + description      = ""
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = []
              + self             = true
              + to_port          = 0
            },
        ]
      + name                   = (known after apply)
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = (known after apply)
      + vpc_id                 = (known after apply)
    }

  # module.lambda-file-systems.aws_default_subnet.default_az1 will be created
  + resource "aws_default_subnet" "default_az1" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "us-east-1a"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = (known after apply)
      + enable_dns64                                   = false
      + enable_lni_at_device_index                     = (known after apply)
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + existing_default_subnet                        = (known after apply)
      + force_destroy                                  = false
      + id                                             = (known after apply)
      + ipv6_cidr_block                                = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_public_ip_on_launch                        = true
      + outpost_arn                                    = (known after apply)
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags_all                                       = (known after apply)
      + vpc_id                                         = (known after apply)
    }

  # module.lambda-file-systems.aws_default_subnet.default_az2 will be created
  + resource "aws_default_subnet" "default_az2" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "us-east-1b"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = (known after apply)
      + enable_dns64                                   = false
      + enable_lni_at_device_index                     = (known after apply)
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + existing_default_subnet                        = (known after apply)
      + force_destroy                                  = false
      + id                                             = (known after apply)
      + ipv6_cidr_block                                = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_public_ip_on_launch                        = true
      + outpost_arn                                    = (known after apply)
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags_all                                       = (known after apply)
      + vpc_id                                         = (known after apply)
    }

  # module.lambda-file-systems.aws_default_vpc.default will be created
  + resource "aws_default_vpc" "default" {
      + arn                                  = (known after apply)
      + cidr_block                           = (known after apply)
      + default_network_acl_id               = (known after apply)
      + default_route_table_id               = (known after apply)
      + default_security_group_id            = (known after apply)
      + dhcp_options_id                      = (known after apply)
      + enable_dns_hostnames                 = true
      + enable_dns_support                   = true
      + enable_network_address_usage_metrics = (known after apply)
      + existing_default_vpc                 = (known after apply)
      + force_destroy                        = false
      + id                                   = (known after apply)
      + instance_tenancy                     = (known after apply)
      + ipv6_association_id                  = (known after apply)
      + ipv6_cidr_block                      = (known after apply)
      + ipv6_cidr_block_network_border_group = (known after apply)
      + main_route_table_id                  = (known after apply)
      + owner_id                             = (known after apply)
      + tags_all                             = (known after apply)
    }

  # module.lambda-file-systems.aws_efs_access_point.access_point_lambda will be created
  + resource "aws_efs_access_point" "access_point_lambda" {
      + arn             = (known after apply)
      + file_system_arn = (known after apply)
      + file_system_id  = (known after apply)
      + id              = (known after apply)
      + owner_id        = (known after apply)
      + tags_all        = (known after apply)

      + posix_user {
          + gid = 1000
          + uid = 1000
        }

      + root_directory {
          + path = "/lambda"

          + creation_info {
              + owner_gid   = 1000
              + owner_uid   = 1000
              + permissions = "777"
            }
        }
    }

  # module.lambda-file-systems.aws_efs_file_system.efs_for_lambda will be created
  + resource "aws_efs_file_system" "efs_for_lambda" {
      + arn                     = (known after apply)
      + availability_zone_id    = (known after apply)
      + availability_zone_name  = (known after apply)
      + creation_token          = (known after apply)
      + dns_name                = (known after apply)
      + encrypted               = (known after apply)
      + id                      = (known after apply)
      + kms_key_id              = (known after apply)
      + name                    = (known after apply)
      + number_of_mount_targets = (known after apply)
      + owner_id                = (known after apply)
      + performance_mode        = (known after apply)
      + size_in_bytes           = (known after apply)
      + tags                    = {
          + "Name" = "efs_for_lambda"
        }
      + tags_all                = {
          + "Name" = "efs_for_lambda"
        }
      + throughput_mode         = "bursting"
    }

  # module.lambda-file-systems.aws_efs_mount_target.mount_target_az1 will be created
  + resource "aws_efs_mount_target" "mount_target_az1" {
      + availability_zone_id   = (known after apply)
      + availability_zone_name = (known after apply)
      + dns_name               = (known after apply)
      + file_system_arn        = (known after apply)
      + file_system_id         = (known after apply)
      + id                     = (known after apply)
      + ip_address             = (known after apply)
      + mount_target_dns_name  = (known after apply)
      + network_interface_id   = (known after apply)
      + owner_id               = (known after apply)
      + security_groups        = (known after apply)
      + subnet_id              = (known after apply)
    }

  # module.lambda-file-systems.aws_efs_mount_target.mount_target_az2 will be created
  + resource "aws_efs_mount_target" "mount_target_az2" {
      + availability_zone_id   = (known after apply)
      + availability_zone_name = (known after apply)
      + dns_name               = (known after apply)
      + file_system_arn        = (known after apply)
      + file_system_id         = (known after apply)
      + id                     = (known after apply)
      + ip_address             = (known after apply)
      + mount_target_dns_name  = (known after apply)
      + network_interface_id   = (known after apply)
      + owner_id               = (known after apply)
      + security_groups        = (known after apply)
      + subnet_id              = (known after apply)
    }

  # module.lambda-file-systems.aws_iam_role.iam_role_for_lambda will be created
  + resource "aws_iam_role" "iam_role_for_lambda" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "lambda.amazonaws.com"
                        }
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = (known after apply)
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags_all              = (known after apply)
      + unique_id             = (known after apply)
    }

  # module.lambda-file-systems.aws_iam_role_policy_attachment.AWSLambdaVPCAccessExecutionRole-attach will be created
  + resource "aws_iam_role_policy_attachment" "AWSLambdaVPCAccessExecutionRole-attach" {
      + id         = (known after apply)
      + policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
      + role       = (known after apply)
    }

  # module.lambda-file-systems.aws_iam_role_policy_attachment.AmazonElasticFileSystemClientFullAccess-attach will be created
  + resource "aws_iam_role_policy_attachment" "AmazonElasticFileSystemClientFullAccess-attach" {
      + id         = (known after apply)
      + policy_arn = "arn:aws:iam::aws:policy/AmazonElasticFileSystemClientFullAccess"
      + role       = (known after apply)
    }

  # module.lambda-file-systems.aws_lambda_function.example_lambda will be created
  + resource "aws_lambda_function" "example_lambda" {
      + architectures                  = (known after apply)
      + arn                            = (known after apply)
      + filename                       = "hello_lambda.zip"
      + function_name                  = "hello_lambda"
      + handler                        = "hello_lambda.lambda_handler"
      + id                             = (known after apply)
      + invoke_arn                     = (known after apply)
      + last_modified                  = (known after apply)
      + memory_size                    = 128
      + package_type                   = "Zip"
      + publish                        = false
      + qualified_arn                  = (known after apply)
      + qualified_invoke_arn           = (known after apply)
      + reserved_concurrent_executions = -1
      + role                           = (known after apply)
      + runtime                        = "python3.7"
      + signing_job_arn                = (known after apply)
      + signing_profile_version_arn    = (known after apply)
      + skip_destroy                   = false
      + source_code_hash               = "eUlmHhO6Fix0OZDyg08kPxIQkrvsF4STLRQ2Zv3M6Es="
      + source_code_size               = (known after apply)
      + tags_all                       = (known after apply)
      + timeout                        = 60
      + version                        = (known after apply)

      + environment {
          + variables = {
              + "greeting" = "Hello"
            }
        }

      + file_system_config {
          + arn              = (known after apply)
          + local_mount_path = "/mnt/efs"
        }

      + vpc_config {
          + ipv6_allowed_for_dual_stack = false
          + security_group_ids          = (known after apply)
          + subnet_ids                  = (known after apply)
          + vpc_id                      = (known after apply)
        }
    }

  # module.sagemaker.data.aws_iam_policy_document.foo will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "foo" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "sagemaker:*",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
        }
      + statement {
          + actions   = [
              + "cloudwatch:PutMetricData",
              + "ecr:BatchCheckLayerAvailability",
              + "ecr:BatchGetImage",
              + "ecr:GetAuthorizationToken",
              + "ecr:GetDownloadUrlForLayer",
              + "logs:CreateLogGroup",
              + "logs:CreateLogStream",
              + "logs:DescribeLogStreams",
              + "logs:PutLogEvents",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
        }
      + statement {
          + actions   = [
              + "s3:GetObject",
            ]
          + effect    = "Allow"
          + resources = [
              + (known after apply),
              + (known after apply),
            ]
        }
    }

  # module.sagemaker.aws_iam_policy.foo will be created
  + resource "aws_iam_policy" "foo" {
      + arn         = (known after apply)
      + description = "Allow SageMaker to create model"
      + id          = (known after apply)
      + name        = "terraform-sagemaker-example"
      + name_prefix = (known after apply)
      + path        = "/"
      + policy      = (known after apply)
      + policy_id   = (known after apply)
      + tags_all    = (known after apply)
    }

  # module.sagemaker.aws_iam_role.foo will be created
  + resource "aws_iam_role" "foo" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "sagemaker.amazonaws.com"
                        }
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "terraform-sagemaker-example"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags_all              = (known after apply)
      + unique_id             = (known after apply)
    }

  # module.sagemaker.aws_iam_role_policy_attachment.foo will be created
  + resource "aws_iam_role_policy_attachment" "foo" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "terraform-sagemaker-example"
    }

  # module.sagemaker.aws_s3_bucket.foo will be created
  + resource "aws_s3_bucket" "foo" {
      + acceleration_status         = (known after apply)
      + acl                         = (known after apply)
      + arn                         = (known after apply)
      + bucket                      = (known after apply)
      + bucket_domain_name          = (known after apply)
      + bucket_prefix               = (known after apply)
      + bucket_regional_domain_name = (known after apply)
      + force_destroy               = true
      + hosted_zone_id              = (known after apply)
      + id                          = (known after apply)
      + object_lock_enabled         = (known after apply)
      + policy                      = (known after apply)
      + region                      = (known after apply)
      + request_payer               = (known after apply)
      + tags_all                    = (known after apply)
      + website_domain              = (known after apply)
      + website_endpoint            = (known after apply)
    }

  # module.sagemaker.aws_s3_bucket_acl.foo_bucket_acl will be created
  + resource "aws_s3_bucket_acl" "foo_bucket_acl" {
      + acl    = "private"
      + bucket = (known after apply)
      + id     = (known after apply)
    }

  # module.sagemaker.aws_s3_object.object will be created
  + resource "aws_s3_object" "object" {
      + acl                    = (known after apply)
      + arn                    = (known after apply)
      + bucket                 = (known after apply)
      + bucket_key_enabled     = (known after apply)
      + checksum_crc32         = (known after apply)
      + checksum_crc32c        = (known after apply)
      + checksum_sha1          = (known after apply)
      + checksum_sha256        = (known after apply)
      + content_type           = (known after apply)
      + etag                   = (known after apply)
      + force_destroy          = false
      + id                     = (known after apply)
      + key                    = "model.tar.gz"
      + kms_key_id             = (known after apply)
      + server_side_encryption = (known after apply)
      + source                 = "model.tar.gz"
      + storage_class          = (known after apply)
      + tags_all               = (known after apply)
      + version_id             = (known after apply)
    }

  # module.sagemaker.aws_sagemaker_endpoint.foo will be created
  + resource "aws_sagemaker_endpoint" "foo" {
      + arn                  = (known after apply)
      + endpoint_config_name = "terraform-sagemaker-example"
      + id                   = (known after apply)
      + name                 = "terraform-sagemaker-example"
      + tags                 = {
          + "foo" = "bar"
        }
      + tags_all             = {
          + "foo" = "bar"
        }
    }

  # module.sagemaker.aws_sagemaker_endpoint_configuration.foo will be created
  + resource "aws_sagemaker_endpoint_configuration" "foo" {
      + arn         = (known after apply)
      + id          = (known after apply)
      + name        = "terraform-sagemaker-example"
      + name_prefix = (known after apply)
      + tags        = {
          + "foo" = "bar"
        }
      + tags_all    = {
          + "foo" = "bar"
        }

      + production_variants {
          + initial_instance_count = 1
          + initial_variant_weight = 1
          + instance_type          = "ml.t2.medium"
          + model_name             = "terraform-sagemaker-example"
          + variant_name           = "variant-1"
          + volume_size_in_gb      = (known after apply)
        }
    }

  # module.sagemaker.aws_sagemaker_model.foo will be created
  + resource "aws_sagemaker_model" "foo" {
      + arn                = (known after apply)
      + execution_role_arn = (known after apply)
      + id                 = (known after apply)
      + name               = "terraform-sagemaker-example"
      + tags               = {
          + "foo" = "bar"
        }
      + tags_all           = {
          + "foo" = "bar"
        }

      + primary_container {
          + image          = "425443422359.dkr.ecr.us-west-2.amazonaws.com/foo:latest"
          + mode           = "SingleModel"
          + model_data_url = (known after apply)
        }
    }

  # module.sagemaker.random_integer.bucket_suffix will be created
  + resource "random_integer" "bucket_suffix" {
      + id     = (known after apply)
      + max    = 99999
      + min    = 1
      + result = (known after apply)
    }

Plan: 74 to add, 0 to change, 0 to destroy.

Warning: Redundant empty provider block

  on eks/providers.tf line 18:
  18: provider "http" {}

Earlier versions of Terraform used empty provider blocks ("proxy provider
configurations") for child modules to declare their need to be passed a
provider configuration by their callers. That approach was ambiguous and is
now deprecated.

If you control this module, you can migrate to the new declaration syntax by
removing all of the empty provider "http" blocks and then adding or updating
an entry like the following to the required_providers block of module.eks:
    http = {
      source = "hashicorp/http"
    }

(and one more similar warning elsewhere)

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.out

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.out"

Copy link
Contributor

github-actions bot commented Apr 5, 2024

Inkdrop Diagram

Inkdrop Diagram SVGInkdrop Data JSON. Install the Inkdrop Chrome Extension to hide this caption and enable interactive mode.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

1 participant