Skip to content

Commit

Permalink
Add some default tags to the AWS resources for the EKS cluster.
Browse files Browse the repository at this point in the history 
This adds some of the tags from the [tagging guide] from the previous
ECS project. I've omitted `chargeable_entity` and `environment` because
those might need a bit of a rethink in light of the switch to
Kubernetes. (For example is the "environment" the same thing from an
infrastructure perspective as it is from the
cluster-user/developer/application perspective?)

The idea here is really just to define a place to put the common tags so
that we continue to set them in the right way. Using [provider default
tags] (relatively new feature) is now the cleanest way to do this.

Thanks to @kerin for the suggestion of using provider default tags.

One caveat is that the default tags aren't propagated to ASGs, so this
doesn't currently tag the node pool ASG. Passing the same set of tags to
the `eks` module in order to tag the ASG doesn't work, because the TF
provider unhelpfully forbids individual resources from overriding
provider-specific tags because of a design limitation of TF. (See
hashicorp/terraform-provider-aws#19204.)

[tagging guide]: https://github.com/alphagov/govuk-infrastructure/blob/main/terraform/docs/tagging-guide.md
[provider default tags]: https://www.hashicorp.com/blog/default-tags-in-the-terraform-aws-provider
  • Loading branch information
@sengi
sengi committed Aug 20, 2021
1 parent fafc98b commit 954c0c9
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions terraform/deployments/cluster-infrastructure/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,13 @@ terraform {

provider "aws" {
region = "eu-west-1"
default_tags {
tags = {
project = "replatforming"
repository = "govuk-infrastructure"
terraform_deployment = basename(abspath(path.root))
}
}
}

module "eks" {
Expand Down

3 comments on commit 954c0c9

@kerin
Copy link
Contributor

@kerin kerin commented on 954c0c9 Aug 20, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for flagging up the ASG limitation, I'd missed that - does the workaround in their blog post work with the EKS module?

@sengi
Copy link
Contributor Author

@sengi sengi commented on 954c0c9 Aug 20, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for flagging up the ASG limitation, I'd missed that - does the workaround in their blog post work with the EKS module?

I didn't see any way to pass tags down to just the ASG (only the tags var which it uses for everything, understandably). So I think we'd have to make a change to the module in order to use the workaround. It's super frustrating that TF complains with Error: "tags" are identical to those in the "default_tags" configuration block of the provider: please de-duplicate and try again on all the module's other resources if we just pass the same set of tags for the module's tags var. I was expecting it to be a no-op if the tags were the same and to add the missing tags on the ASG :(

@kerin
Copy link
Contributor

@kerin kerin commented on 954c0c9 Aug 23, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's an open issue for this in the module's repo fwiw.

Please sign in to comment.