diff --git a/modules/aws/irsa/main.tf b/modules/aws/irsa/main.tf index ad9133d..c26085c 100644 --- a/modules/aws/irsa/main.tf +++ b/modules/aws/irsa/main.tf @@ -65,8 +65,9 @@ resource "aws_s3_bucket" "oidc" { bucket = var.oidc_s3_bucket tags = merge( + var.extra_tags, { "Name" = "${var.name}-oidc-${md5("${var.name}-oidc")}" }, - var.extra_tags) + ) } resource "aws_s3_bucket_acl" "oidc" { @@ -85,10 +86,10 @@ resource "aws_s3_object" "discovery_json" { issuer_host = "https://${local.odic_servername}/${var.oidc_s3_bucket}" }) - tags = merge({ + tags = { "Name" = "discovery.json" "Role" = "k8s-master" - }, var.extra_tags) + } } data "local_file" "keys_json" { @@ -106,8 +107,8 @@ resource "aws_s3_object" "keys_json" { acl = "public-read" content_type = "application/json" - tags = merge({ + tags = { "Name" = "keys.json" "Role" = "k8s-master" - }, var.extra_tags) + } } diff --git a/modules/aws/kube-etcd/ignition.tf b/modules/aws/kube-etcd/ignition.tf index 5ce8c70..c36e1cc 100644 --- a/modules/aws/kube-etcd/ignition.tf +++ b/modules/aws/kube-etcd/ignition.tf @@ -89,11 +89,11 @@ resource "aws_s3_object" "ignition" { server_side_encryption = "AES256" - tags = merge(var.extra_tags, { + tags = { "Name" = "ign-etcd-${var.name}.json" "Role" = "etcd" "kubernetes.io/cluster/${var.name}" = "owned" - }) + } } diff --git a/modules/aws/kube-master/ignition.tf b/modules/aws/kube-master/ignition.tf index e069305..99f8654 100644 --- a/modules/aws/kube-master/ignition.tf +++ b/modules/aws/kube-master/ignition.tf @@ -167,11 +167,11 @@ resource "aws_s3_object" "admin_kubeconfig" { server_side_encryption = "AES256" content_type = "text/plain" - tags = merge(var.extra_tags, { + tags = { "Name" = "admin.conf" "Role" = "k8s-master" "kubernetes.io/cluster/${var.name}" = "owned" - }) + } } // TODO: use AWS Secrets Manager to store this, or encryption by KMS. @@ -184,11 +184,11 @@ resource "aws_s3_object" "bootstrapping_kubeconfig" { server_side_encryption = "AES256" content_type = "text/plain" - tags = merge(var.extra_tags, { + tags = { "Name" = "bootstrap-kubelet.conf" "Role" = "k8s-master" "kubernetes.io/cluster/${var.name}" = "owned" - }) + } } resource "aws_s3_object" "ignition" { @@ -198,11 +198,11 @@ resource "aws_s3_object" "ignition" { server_side_encryption = "AES256" - tags = merge(var.extra_tags, { + tags = { "Name" = "ign-master-${var.name}.json" "Role" = "k8s-master" "kubernetes.io/cluster/${var.name}" = "owned" - }) + } } data "ignition_config" "s3" { diff --git a/modules/aws/kube-worker/ignition.tf b/modules/aws/kube-worker/ignition.tf index 5d4b1d8..3a88fc3 100644 --- a/modules/aws/kube-worker/ignition.tf +++ b/modules/aws/kube-worker/ignition.tf @@ -106,11 +106,11 @@ resource "aws_s3_object" "ignition" { server_side_encryption = "AES256" - tags = merge(var.extra_tags, { + tags = { "Name" = "ign-worker-${var.instance_config["name"]}.json" "Role" = "k8s-worker" "kubernetes.io/cluster/${var.name}" = "owned" - }) + } } data "ignition_config" "s3" {