From c4c8a40827b0b5bd54f39f63c311c2167db0207c Mon Sep 17 00:00:00 2001 From: John Gardiner Myers Date: Mon, 2 Oct 2023 21:34:29 -0700 Subject: [PATCH] hack/update-expected.sh --- .../ipv6/expected-v1alpha2.yaml | 2 +- .../bastionadditional_user-data/kubernetes.tf | 7 ++-- .../update_cluster/complex/kubernetes.tf | 14 ++++--- .../minimal-dns-none/kubernetes.tf | 14 ++++--- .../minimal-ipv6-calico/kubernetes.tf | 41 ++++++++++--------- .../minimal-ipv6-cilium/kubernetes.tf | 41 ++++++++++--------- .../kubernetes.tf | 41 ++++++++++--------- .../update_cluster/minimal-ipv6/kubernetes.tf | 41 ++++++++++--------- .../private-shared-ip/kubernetes.tf | 7 ++-- .../private-shared-subnet/kubernetes.tf | 7 ++-- .../privatecalico/kubernetes.tf | 7 ++-- .../update_cluster/privatecanal/kubernetes.tf | 7 ++-- .../privatecilium-eni/kubernetes.tf | 7 ++-- .../privatecilium/kubernetes.tf | 7 ++-- .../privatecilium2/kubernetes.tf | 7 ++-- .../privateciliumadvanced/kubernetes.tf | 7 ++-- .../update_cluster/privatedns1/kubernetes.tf | 7 ++-- .../update_cluster/privatedns2/kubernetes.tf | 7 ++-- .../privateflannel/kubernetes.tf | 7 ++-- .../privatekopeio/kubernetes.tf | 7 ++-- .../shared_vpc_ipv6/kubernetes.tf | 41 ++++++++++--------- .../update_cluster/unmanaged/kubernetes.tf | 7 ++-- 22 files changed, 178 insertions(+), 155 deletions(-) diff --git a/tests/integration/create_cluster/ipv6/expected-v1alpha2.yaml b/tests/integration/create_cluster/ipv6/expected-v1alpha2.yaml index 6e869b192bac5..d6d4524afa4d1 100644 --- a/tests/integration/create_cluster/ipv6/expected-v1alpha2.yaml +++ b/tests/integration/create_cluster/ipv6/expected-v1alpha2.yaml @@ -87,7 +87,7 @@ spec: minSize: 1 role: Master subnets: - - dualstack-us-test-1a + - us-test-1a --- diff --git a/tests/integration/update_cluster/bastionadditional_user-data/kubernetes.tf b/tests/integration/update_cluster/bastionadditional_user-data/kubernetes.tf index 0209bd70b9913..5143fb357dcdf 100644 --- a/tests/integration/update_cluster/bastionadditional_user-data/kubernetes.tf +++ b/tests/integration/update_cluster/bastionadditional_user-data/kubernetes.tf @@ -803,9 +803,10 @@ resource "aws_lb_target_group" "bastion-bastionuserdata-e-4grhsv" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-bastionuserdata-e-4grhsv" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-bastionuserdata-e-4grhsv" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "bastionuserdata.example.com" "Name" = "bastion-bastionuserdata-e-4grhsv" diff --git a/tests/integration/update_cluster/complex/kubernetes.tf b/tests/integration/update_cluster/complex/kubernetes.tf index 5c65a98dd0be4..68ccd5de2e4f4 100644 --- a/tests/integration/update_cluster/complex/kubernetes.tf +++ b/tests/integration/update_cluster/complex/kubernetes.tf @@ -683,9 +683,10 @@ resource "aws_lb_target_group" "tcp-complex-example-com-vpjolq" { protocol = "TCP" unhealthy_threshold = 2 } - name = "tcp-complex-example-com-vpjolq" - port = 443 - protocol = "TCP" + ip_address_type = "ipv4" + name = "tcp-complex-example-com-vpjolq" + port = 443 + protocol = "TCP" tags = { "KubernetesCluster" = "complex.example.com" "Name" = "tcp-complex-example-com-vpjolq" @@ -705,9 +706,10 @@ resource "aws_lb_target_group" "tls-complex-example-com-5nursn" { protocol = "TCP" unhealthy_threshold = 2 } - name = "tls-complex-example-com-5nursn" - port = 443 - protocol = "TLS" + ip_address_type = "ipv4" + name = "tls-complex-example-com-5nursn" + port = 443 + protocol = "TLS" tags = { "KubernetesCluster" = "complex.example.com" "Name" = "tls-complex-example-com-5nursn" diff --git a/tests/integration/update_cluster/minimal-dns-none/kubernetes.tf b/tests/integration/update_cluster/minimal-dns-none/kubernetes.tf index df8650e6631d7..4baa3f3b76ade 100644 --- a/tests/integration/update_cluster/minimal-dns-none/kubernetes.tf +++ b/tests/integration/update_cluster/minimal-dns-none/kubernetes.tf @@ -612,9 +612,10 @@ resource "aws_lb_target_group" "kops-controller-minimal-e-uvauf3" { protocol = "TCP" unhealthy_threshold = 2 } - name = "kops-controller-minimal-e-uvauf3" - port = 3988 - protocol = "TCP" + ip_address_type = "ipv4" + name = "kops-controller-minimal-e-uvauf3" + port = 3988 + protocol = "TCP" tags = { "KubernetesCluster" = "minimal.example.com" "Name" = "kops-controller-minimal-e-uvauf3" @@ -632,9 +633,10 @@ resource "aws_lb_target_group" "tcp-minimal-example-com-5905t8" { protocol = "TCP" unhealthy_threshold = 2 } - name = "tcp-minimal-example-com-5905t8" - port = 443 - protocol = "TCP" + ip_address_type = "ipv4" + name = "tcp-minimal-example-com-5905t8" + port = 443 + protocol = "TCP" tags = { "KubernetesCluster" = "minimal.example.com" "Name" = "tcp-minimal-example-com-5905t8" diff --git a/tests/integration/update_cluster/minimal-ipv6-calico/kubernetes.tf b/tests/integration/update_cluster/minimal-ipv6-calico/kubernetes.tf index 2576479b16c98..8be40a7c9dbd7 100644 --- a/tests/integration/update_cluster/minimal-ipv6-calico/kubernetes.tf +++ b/tests/integration/update_cluster/minimal-ipv6-calico/kubernetes.tf @@ -652,9 +652,10 @@ resource "aws_lb_target_group" "tcp-minimal-ipv6-example--bne5ih" { protocol = "TCP" unhealthy_threshold = 2 } - name = "tcp-minimal-ipv6-example--bne5ih" - port = 443 - protocol = "TCP" + ip_address_type = "ipv6" + name = "tcp-minimal-ipv6-example--bne5ih" + port = 443 + protocol = "TCP" tags = { "KubernetesCluster" = "minimal-ipv6.example.com" "Name" = "tcp-minimal-ipv6-example--bne5ih" @@ -1212,33 +1213,33 @@ resource "aws_security_group_rule" "icmp-pmtu-api-elb-0-0-0-0--0" { type = "ingress" } -resource "aws_security_group_rule" "icmp-pmtu-cp-to-elb" { - from_port = 3 - protocol = "icmp" +resource "aws_security_group_rule" "icmpv6-pmtu-api-elb-__--0" { + from_port = -1 + ipv6_cidr_blocks = ["::/0"] + protocol = "icmpv6" + security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id + to_port = -1 + type = "ingress" +} + +resource "aws_security_group_rule" "icmpv6-pmtu-cp-to-elb" { + from_port = -1 + protocol = "icmpv6" security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id source_security_group_id = aws_security_group.masters-minimal-ipv6-example-com.id - to_port = 4 + to_port = -1 type = "ingress" } -resource "aws_security_group_rule" "icmp-pmtu-elb-to-cp" { - from_port = 3 - protocol = "icmp" +resource "aws_security_group_rule" "icmpv6-pmtu-elb-to-cp" { + from_port = -1 + protocol = "icmpv6" security_group_id = aws_security_group.masters-minimal-ipv6-example-com.id source_security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id - to_port = 4 + to_port = -1 type = "ingress" } -resource "aws_security_group_rule" "icmpv6-pmtu-api-elb-__--0" { - from_port = -1 - ipv6_cidr_blocks = ["::/0"] - protocol = "icmpv6" - security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id - to_port = -1 - type = "ingress" -} - resource "aws_sqs_queue" "minimal-ipv6-example-com-nth" { message_retention_seconds = 300 name = "minimal-ipv6-example-com-nth" diff --git a/tests/integration/update_cluster/minimal-ipv6-cilium/kubernetes.tf b/tests/integration/update_cluster/minimal-ipv6-cilium/kubernetes.tf index b95b25f989bed..142a894c1e905 100644 --- a/tests/integration/update_cluster/minimal-ipv6-cilium/kubernetes.tf +++ b/tests/integration/update_cluster/minimal-ipv6-cilium/kubernetes.tf @@ -652,9 +652,10 @@ resource "aws_lb_target_group" "tcp-minimal-ipv6-example--bne5ih" { protocol = "TCP" unhealthy_threshold = 2 } - name = "tcp-minimal-ipv6-example--bne5ih" - port = 443 - protocol = "TCP" + ip_address_type = "ipv6" + name = "tcp-minimal-ipv6-example--bne5ih" + port = 443 + protocol = "TCP" tags = { "KubernetesCluster" = "minimal-ipv6.example.com" "Name" = "tcp-minimal-ipv6-example--bne5ih" @@ -1203,33 +1204,33 @@ resource "aws_security_group_rule" "icmp-pmtu-api-elb-0-0-0-0--0" { type = "ingress" } -resource "aws_security_group_rule" "icmp-pmtu-cp-to-elb" { - from_port = 3 - protocol = "icmp" +resource "aws_security_group_rule" "icmpv6-pmtu-api-elb-__--0" { + from_port = -1 + ipv6_cidr_blocks = ["::/0"] + protocol = "icmpv6" + security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id + to_port = -1 + type = "ingress" +} + +resource "aws_security_group_rule" "icmpv6-pmtu-cp-to-elb" { + from_port = -1 + protocol = "icmpv6" security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id source_security_group_id = aws_security_group.masters-minimal-ipv6-example-com.id - to_port = 4 + to_port = -1 type = "ingress" } -resource "aws_security_group_rule" "icmp-pmtu-elb-to-cp" { - from_port = 3 - protocol = "icmp" +resource "aws_security_group_rule" "icmpv6-pmtu-elb-to-cp" { + from_port = -1 + protocol = "icmpv6" security_group_id = aws_security_group.masters-minimal-ipv6-example-com.id source_security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id - to_port = 4 + to_port = -1 type = "ingress" } -resource "aws_security_group_rule" "icmpv6-pmtu-api-elb-__--0" { - from_port = -1 - ipv6_cidr_blocks = ["::/0"] - protocol = "icmpv6" - security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id - to_port = -1 - type = "ingress" -} - resource "aws_sqs_queue" "minimal-ipv6-example-com-nth" { message_retention_seconds = 300 name = "minimal-ipv6-example-com-nth" diff --git a/tests/integration/update_cluster/minimal-ipv6-no-subnet-prefix/kubernetes.tf b/tests/integration/update_cluster/minimal-ipv6-no-subnet-prefix/kubernetes.tf index c22b297be92fe..ae7bc5b3d5f3b 100644 --- a/tests/integration/update_cluster/minimal-ipv6-no-subnet-prefix/kubernetes.tf +++ b/tests/integration/update_cluster/minimal-ipv6-no-subnet-prefix/kubernetes.tf @@ -652,9 +652,10 @@ resource "aws_lb_target_group" "tcp-minimal-ipv6-example--bne5ih" { protocol = "TCP" unhealthy_threshold = 2 } - name = "tcp-minimal-ipv6-example--bne5ih" - port = 443 - protocol = "TCP" + ip_address_type = "ipv6" + name = "tcp-minimal-ipv6-example--bne5ih" + port = 443 + protocol = "TCP" tags = { "KubernetesCluster" = "minimal-ipv6.example.com" "Name" = "tcp-minimal-ipv6-example--bne5ih" @@ -1195,33 +1196,33 @@ resource "aws_security_group_rule" "icmp-pmtu-api-elb-0-0-0-0--0" { type = "ingress" } -resource "aws_security_group_rule" "icmp-pmtu-cp-to-elb" { - from_port = 3 - protocol = "icmp" +resource "aws_security_group_rule" "icmpv6-pmtu-api-elb-__--0" { + from_port = -1 + ipv6_cidr_blocks = ["::/0"] + protocol = "icmpv6" + security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id + to_port = -1 + type = "ingress" +} + +resource "aws_security_group_rule" "icmpv6-pmtu-cp-to-elb" { + from_port = -1 + protocol = "icmpv6" security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id source_security_group_id = aws_security_group.masters-minimal-ipv6-example-com.id - to_port = 4 + to_port = -1 type = "ingress" } -resource "aws_security_group_rule" "icmp-pmtu-elb-to-cp" { - from_port = 3 - protocol = "icmp" +resource "aws_security_group_rule" "icmpv6-pmtu-elb-to-cp" { + from_port = -1 + protocol = "icmpv6" security_group_id = aws_security_group.masters-minimal-ipv6-example-com.id source_security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id - to_port = 4 + to_port = -1 type = "ingress" } -resource "aws_security_group_rule" "icmpv6-pmtu-api-elb-__--0" { - from_port = -1 - ipv6_cidr_blocks = ["::/0"] - protocol = "icmpv6" - security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id - to_port = -1 - type = "ingress" -} - resource "aws_sqs_queue" "minimal-ipv6-example-com-nth" { message_retention_seconds = 300 name = "minimal-ipv6-example-com-nth" diff --git a/tests/integration/update_cluster/minimal-ipv6/kubernetes.tf b/tests/integration/update_cluster/minimal-ipv6/kubernetes.tf index daf244dc4dd32..1892b7ca8e687 100644 --- a/tests/integration/update_cluster/minimal-ipv6/kubernetes.tf +++ b/tests/integration/update_cluster/minimal-ipv6/kubernetes.tf @@ -652,9 +652,10 @@ resource "aws_lb_target_group" "tcp-minimal-ipv6-example--bne5ih" { protocol = "TCP" unhealthy_threshold = 2 } - name = "tcp-minimal-ipv6-example--bne5ih" - port = 443 - protocol = "TCP" + ip_address_type = "ipv6" + name = "tcp-minimal-ipv6-example--bne5ih" + port = 443 + protocol = "TCP" tags = { "KubernetesCluster" = "minimal-ipv6.example.com" "Name" = "tcp-minimal-ipv6-example--bne5ih" @@ -1195,33 +1196,33 @@ resource "aws_security_group_rule" "icmp-pmtu-api-elb-0-0-0-0--0" { type = "ingress" } -resource "aws_security_group_rule" "icmp-pmtu-cp-to-elb" { - from_port = 3 - protocol = "icmp" +resource "aws_security_group_rule" "icmpv6-pmtu-api-elb-__--0" { + from_port = -1 + ipv6_cidr_blocks = ["::/0"] + protocol = "icmpv6" + security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id + to_port = -1 + type = "ingress" +} + +resource "aws_security_group_rule" "icmpv6-pmtu-cp-to-elb" { + from_port = -1 + protocol = "icmpv6" security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id source_security_group_id = aws_security_group.masters-minimal-ipv6-example-com.id - to_port = 4 + to_port = -1 type = "ingress" } -resource "aws_security_group_rule" "icmp-pmtu-elb-to-cp" { - from_port = 3 - protocol = "icmp" +resource "aws_security_group_rule" "icmpv6-pmtu-elb-to-cp" { + from_port = -1 + protocol = "icmpv6" security_group_id = aws_security_group.masters-minimal-ipv6-example-com.id source_security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id - to_port = 4 + to_port = -1 type = "ingress" } -resource "aws_security_group_rule" "icmpv6-pmtu-api-elb-__--0" { - from_port = -1 - ipv6_cidr_blocks = ["::/0"] - protocol = "icmpv6" - security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id - to_port = -1 - type = "ingress" -} - resource "aws_sqs_queue" "minimal-ipv6-example-com-nth" { message_retention_seconds = 300 name = "minimal-ipv6-example-com-nth" diff --git a/tests/integration/update_cluster/private-shared-ip/kubernetes.tf b/tests/integration/update_cluster/private-shared-ip/kubernetes.tf index 8675c58304676..7e77fd5b81020 100644 --- a/tests/integration/update_cluster/private-shared-ip/kubernetes.tf +++ b/tests/integration/update_cluster/private-shared-ip/kubernetes.tf @@ -784,9 +784,10 @@ resource "aws_lb_target_group" "bastion-private-shared-ip-eepmph" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-private-shared-ip-eepmph" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-private-shared-ip-eepmph" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "private-shared-ip.example.com" "Name" = "bastion-private-shared-ip-eepmph" diff --git a/tests/integration/update_cluster/private-shared-subnet/kubernetes.tf b/tests/integration/update_cluster/private-shared-subnet/kubernetes.tf index 3b48357183ffd..191506ad01552 100644 --- a/tests/integration/update_cluster/private-shared-subnet/kubernetes.tf +++ b/tests/integration/update_cluster/private-shared-subnet/kubernetes.tf @@ -779,9 +779,10 @@ resource "aws_lb_target_group" "bastion-private-shared-su-5ol32q" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-private-shared-su-5ol32q" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-private-shared-su-5ol32q" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "private-shared-subnet.example.com" "Name" = "bastion-private-shared-su-5ol32q" diff --git a/tests/integration/update_cluster/privatecalico/kubernetes.tf b/tests/integration/update_cluster/privatecalico/kubernetes.tf index 2c23d1615dd17..795efe7b91e39 100644 --- a/tests/integration/update_cluster/privatecalico/kubernetes.tf +++ b/tests/integration/update_cluster/privatecalico/kubernetes.tf @@ -798,9 +798,10 @@ resource "aws_lb_target_group" "bastion-privatecalico-exa-hocohm" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-privatecalico-exa-hocohm" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-privatecalico-exa-hocohm" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "privatecalico.example.com" "Name" = "bastion-privatecalico-exa-hocohm" diff --git a/tests/integration/update_cluster/privatecanal/kubernetes.tf b/tests/integration/update_cluster/privatecanal/kubernetes.tf index 84cdfc2927e7f..35cea0fc644d2 100644 --- a/tests/integration/update_cluster/privatecanal/kubernetes.tf +++ b/tests/integration/update_cluster/privatecanal/kubernetes.tf @@ -802,9 +802,10 @@ resource "aws_lb_target_group" "bastion-privatecanal-exam-hmhsp5" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-privatecanal-exam-hmhsp5" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-privatecanal-exam-hmhsp5" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "privatecanal.example.com" "Name" = "bastion-privatecanal-exam-hmhsp5" diff --git a/tests/integration/update_cluster/privatecilium-eni/kubernetes.tf b/tests/integration/update_cluster/privatecilium-eni/kubernetes.tf index 71e93ebb1dd28..106adc352e7d7 100644 --- a/tests/integration/update_cluster/privatecilium-eni/kubernetes.tf +++ b/tests/integration/update_cluster/privatecilium-eni/kubernetes.tf @@ -802,9 +802,10 @@ resource "aws_lb_target_group" "bastion-privatecilium-exa-l2ms01" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-privatecilium-exa-l2ms01" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-privatecilium-exa-l2ms01" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "privatecilium.example.com" "Name" = "bastion-privatecilium-exa-l2ms01" diff --git a/tests/integration/update_cluster/privatecilium/kubernetes.tf b/tests/integration/update_cluster/privatecilium/kubernetes.tf index 71e93ebb1dd28..106adc352e7d7 100644 --- a/tests/integration/update_cluster/privatecilium/kubernetes.tf +++ b/tests/integration/update_cluster/privatecilium/kubernetes.tf @@ -802,9 +802,10 @@ resource "aws_lb_target_group" "bastion-privatecilium-exa-l2ms01" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-privatecilium-exa-l2ms01" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-privatecilium-exa-l2ms01" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "privatecilium.example.com" "Name" = "bastion-privatecilium-exa-l2ms01" diff --git a/tests/integration/update_cluster/privatecilium2/kubernetes.tf b/tests/integration/update_cluster/privatecilium2/kubernetes.tf index 6b22a6111e479..53226945b5be5 100644 --- a/tests/integration/update_cluster/privatecilium2/kubernetes.tf +++ b/tests/integration/update_cluster/privatecilium2/kubernetes.tf @@ -802,9 +802,10 @@ resource "aws_lb_target_group" "bastion-privatecilium-exa-l2ms01" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-privatecilium-exa-l2ms01" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-privatecilium-exa-l2ms01" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "privatecilium.example.com" "Name" = "bastion-privatecilium-exa-l2ms01" diff --git a/tests/integration/update_cluster/privateciliumadvanced/kubernetes.tf b/tests/integration/update_cluster/privateciliumadvanced/kubernetes.tf index 5ae576329e2c7..4a845998870b7 100644 --- a/tests/integration/update_cluster/privateciliumadvanced/kubernetes.tf +++ b/tests/integration/update_cluster/privateciliumadvanced/kubernetes.tf @@ -819,9 +819,10 @@ resource "aws_lb_target_group" "bastion-privateciliumadva-0jni40" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-privateciliumadva-0jni40" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-privateciliumadva-0jni40" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "privateciliumadvanced.example.com" "Name" = "bastion-privateciliumadva-0jni40" diff --git a/tests/integration/update_cluster/privatedns1/kubernetes.tf b/tests/integration/update_cluster/privatedns1/kubernetes.tf index 7cb63a4d39dc1..c1fa916ce6803 100644 --- a/tests/integration/update_cluster/privatedns1/kubernetes.tf +++ b/tests/integration/update_cluster/privatedns1/kubernetes.tf @@ -884,9 +884,10 @@ resource "aws_lb_target_group" "bastion-privatedns1-examp-mbgbef" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-privatedns1-examp-mbgbef" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-privatedns1-examp-mbgbef" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "privatedns1.example.com" "Name" = "bastion-privatedns1-examp-mbgbef" diff --git a/tests/integration/update_cluster/privatedns2/kubernetes.tf b/tests/integration/update_cluster/privatedns2/kubernetes.tf index 0338a1d005846..790e3e9cbebf1 100644 --- a/tests/integration/update_cluster/privatedns2/kubernetes.tf +++ b/tests/integration/update_cluster/privatedns2/kubernetes.tf @@ -793,9 +793,10 @@ resource "aws_lb_target_group" "bastion-privatedns2-examp-e704o2" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-privatedns2-examp-e704o2" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-privatedns2-examp-e704o2" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "privatedns2.example.com" "Name" = "bastion-privatedns2-examp-e704o2" diff --git a/tests/integration/update_cluster/privateflannel/kubernetes.tf b/tests/integration/update_cluster/privateflannel/kubernetes.tf index d835b398c5b11..83a7ff7c7b187 100644 --- a/tests/integration/update_cluster/privateflannel/kubernetes.tf +++ b/tests/integration/update_cluster/privateflannel/kubernetes.tf @@ -802,9 +802,10 @@ resource "aws_lb_target_group" "bastion-privateflannel-ex-753531" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-privateflannel-ex-753531" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-privateflannel-ex-753531" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "privateflannel.example.com" "Name" = "bastion-privateflannel-ex-753531" diff --git a/tests/integration/update_cluster/privatekopeio/kubernetes.tf b/tests/integration/update_cluster/privatekopeio/kubernetes.tf index dc839f69b247b..2888ce2d360ed 100644 --- a/tests/integration/update_cluster/privatekopeio/kubernetes.tf +++ b/tests/integration/update_cluster/privatekopeio/kubernetes.tf @@ -811,9 +811,10 @@ resource "aws_lb_target_group" "bastion-privatekopeio-exa-d8ef8e" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-privatekopeio-exa-d8ef8e" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-privatekopeio-exa-d8ef8e" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "privatekopeio.example.com" "Name" = "bastion-privatekopeio-exa-d8ef8e" diff --git a/tests/integration/update_cluster/shared_vpc_ipv6/kubernetes.tf b/tests/integration/update_cluster/shared_vpc_ipv6/kubernetes.tf index cab1d640feb94..cd8f40bcee657 100644 --- a/tests/integration/update_cluster/shared_vpc_ipv6/kubernetes.tf +++ b/tests/integration/update_cluster/shared_vpc_ipv6/kubernetes.tf @@ -634,9 +634,10 @@ resource "aws_lb_target_group" "tcp-minimal-ipv6-example--bne5ih" { protocol = "TCP" unhealthy_threshold = 2 } - name = "tcp-minimal-ipv6-example--bne5ih" - port = 443 - protocol = "TCP" + ip_address_type = "ipv6" + name = "tcp-minimal-ipv6-example--bne5ih" + port = 443 + protocol = "TCP" tags = { "KubernetesCluster" = "minimal-ipv6.example.com" "Name" = "tcp-minimal-ipv6-example--bne5ih" @@ -1177,33 +1178,33 @@ resource "aws_security_group_rule" "icmp-pmtu-api-elb-0-0-0-0--0" { type = "ingress" } -resource "aws_security_group_rule" "icmp-pmtu-cp-to-elb" { - from_port = 3 - protocol = "icmp" +resource "aws_security_group_rule" "icmpv6-pmtu-api-elb-__--0" { + from_port = -1 + ipv6_cidr_blocks = ["::/0"] + protocol = "icmpv6" + security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id + to_port = -1 + type = "ingress" +} + +resource "aws_security_group_rule" "icmpv6-pmtu-cp-to-elb" { + from_port = -1 + protocol = "icmpv6" security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id source_security_group_id = aws_security_group.masters-minimal-ipv6-example-com.id - to_port = 4 + to_port = -1 type = "ingress" } -resource "aws_security_group_rule" "icmp-pmtu-elb-to-cp" { - from_port = 3 - protocol = "icmp" +resource "aws_security_group_rule" "icmpv6-pmtu-elb-to-cp" { + from_port = -1 + protocol = "icmpv6" security_group_id = aws_security_group.masters-minimal-ipv6-example-com.id source_security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id - to_port = 4 + to_port = -1 type = "ingress" } -resource "aws_security_group_rule" "icmpv6-pmtu-api-elb-__--0" { - from_port = -1 - ipv6_cidr_blocks = ["::/0"] - protocol = "icmpv6" - security_group_id = aws_security_group.api-elb-minimal-ipv6-example-com.id - to_port = -1 - type = "ingress" -} - resource "aws_sqs_queue" "minimal-ipv6-example-com-nth" { message_retention_seconds = 300 name = "minimal-ipv6-example-com-nth" diff --git a/tests/integration/update_cluster/unmanaged/kubernetes.tf b/tests/integration/update_cluster/unmanaged/kubernetes.tf index 70b6f3f850ace..be65806f6ccbe 100644 --- a/tests/integration/update_cluster/unmanaged/kubernetes.tf +++ b/tests/integration/update_cluster/unmanaged/kubernetes.tf @@ -787,9 +787,10 @@ resource "aws_lb_target_group" "bastion-unmanaged-example-d7bn3d" { protocol = "TCP" unhealthy_threshold = 2 } - name = "bastion-unmanaged-example-d7bn3d" - port = 22 - protocol = "TCP" + ip_address_type = "ipv4" + name = "bastion-unmanaged-example-d7bn3d" + port = 22 + protocol = "TCP" tags = { "KubernetesCluster" = "unmanaged.example.com" "Name" = "bastion-unmanaged-example-d7bn3d"