terraform apply failing if cluster name is taken from ssm parameter

[yjagdale]

Description

I am trying to pull the cluster name from ssm parameter and pass name to blueprint. example:

data "aws_ssm_parameter" "cluster_name" {
  name = "/dev1/eks/cluster_name"
}

module "eks_blueprints" {
  source = "github.com/aws-ia/terraform-aws-eks-blueprints?ref=v4.21.0"

  cluster_name              = data.aws_ssm_parameter.cluster_name.value
  cluster_version           = var.eks_versions_eks
  vpc_id                    = local.vpc_id
  private_subnet_ids        = local.private_subnets
  cluster_enabled_log_types = var.logging
  cluster_service_ipv4_cidr = var.eks_service_cidr

  managed_node_groups = local.managed_node_groups
  platform_teams      = {
    admin = {
      users = [var.eks_admin_arn]
    }
  }
  map_roles = [
    {
      rolearn  = var.eks_admin_arn
      username = var.eks_admin_role_name
      groups   = ["system:masters"]
    },
  ]
  tags = var.eks_tags
}

• [x] ✋ I have searched the open/closed issues and my issue is not listed.

⚠️ Note

Before you submit an issue, please perform the following first:

1. Remove the local .terraform directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): rm -rf .terraform/
2. Re-initialize the project root to pull down modules: terraform init
3. Re-attempt your terraform plan or apply and check if the issue still persists

Versions

• Module version [Required]:

• Terraform version: v1.3.7

• Provider version(s):

Reproduction Code [Required]

Steps to reproduce the behaviour:

Create SSM parameter with the name /dev1/eks/cluster_name Create Provider with following value:

data "aws_ssm_parameter" "cluster_name" {
  name = "/dev1/eks/cluster_name"
}

Create main.tf

module "eks_blueprints" {
  source = "github.com/aws-ia/terraform-aws-eks-blueprints?ref=v4.21.0"

  # EKS CLUSTER
  # cluster_ip_family  = "ipv6"
  cluster_name              = data.aws_ssm_parameter.cluster_name.value
  cluster_version           = var.eks_versions_eks
  vpc_id                    = local.vpc_id
  private_subnet_ids        = local.private_subnets
  cluster_enabled_log_types = var.logging
  cluster_service_ipv4_cidr = var.eks_service_cidr

  # EKS MANAGED NODE GROUPS
  managed_node_groups = local.managed_node_groups
  platform_teams      = {
    admin = {
      users = [var.eks_admin_arn]
    }
  }
  map_roles = [
    {
      rolearn  = var.eks_admin_arn
      username = var.eks_admin_role_name
      groups   = ["system:masters"]
    },
  ]
  tags = var.eks_tags
}

Expected behaviour

Cluster name should be pulled from ssm parameter

Actual behaviour

╷
│ Error: Invalid for_each argument
│
│   on .terraform/modules/eks_blueprints.aws_eks.kms/main.tf line 252, in resource "aws_kms_alias" "this":
│  252:   for_each = { for k, v in toset(var.aliases) : k => v if var.create }
│     ├────────────────
│     │ var.aliases is list of string with 1 element
│     │ var.create is false
│
│ Sensitive values, or values derived from sensitive values, cannot be used
│ as for_each arguments. If used, the sensitive value could be exposed as a
│ resource instance key.
╵

Terminal Output Screenshot(s)

Additional context

[github-actions[bot]]

This issue has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this issue will be closed in 10 days

[github-actions[bot]]

Issue closed due to inactivity.