"Error: Resource Not Implemented" for "kubernetes_manifest"

[mentos1386]

Terraform Version, Provider Version and Kubernetes Version

Terraform version: v1.6.6
Kubernetes provider version: v2.25.0
Kubernetes version: v1.25 on EKS 

Affected Resource(s)

• kubernetes_manifest

Terraform Configuration Files

variables.tf

variable "cluster_oidc_issuer_url" {
  type = string
}

variable "cluster_name" {
  type = string
}

variable "environment" {
  type = string
}

variable "domain_zones" {
  type = set(string)
}

variable "create_crd_depending_resources" {
  type        = bool
  default     = false
}

variable "tags" {
  type = map(string)
}

cert_manager.tf

module "iam-assumable-role-cert-manager" {
  source                        = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
  version                       = "~>4.9"
  create_role                   = true
  role_name                     = "${var.cluster_name}-cert-manager-irsa"
  provider_url                  = replace(var.cluster_oidc_issuer_url, "https://", "")
  role_policy_arns              = [aws_iam_policy.cert-manager.arn]
  number_of_role_policy_arns    = 1
  oidc_fully_qualified_subjects = ["system:serviceaccount:kube-system:cert-manager"]
}

resource "aws_iam_policy" "cert-manager" {
  name   = "${var.cluster_name}-cert-manager"
  policy = data.aws_iam_policy_document.cert-manager.json
}

data "aws_iam_policy_document" "cert-manager" {

  statement {
    effect = "Allow"
    actions = [
      "route53:GetChange",
    ]
    resources = ["arn:aws:route53:::change/*"]
  }

  statement {
    effect = "Allow"
    actions = [
      "route53:ChangeResourceRecordSets",
      "route53:ListResourceRecordSets"
    ]
    resources = ["arn:aws:route53:::hostedzone/*"]
  }

  statement {
    effect = "Allow"
    actions = [
      "route53:ListHostedZonesByName",
    ]
    resources = ["*"]
  }
}

# https://artifacthub.io/packages/helm/cert-manager/cert-manager
resource "helm_release" "cert-manager" {
  repository = "https://charts.jetstack.io"
  name       = "cert-manager"
  chart      = "cert-manager"
  version    = "1.12.2"
  namespace  = "kube-system"
  values = [<<-VALUES
    installCRDs: true
    securityContext:
      fsGroup: 1001
    serviceAccount:
      name: cert-manager
      annotations:
        eks.amazonaws.com/role-arn: "${module.iam-assumable-role-cert-manager.iam_role_arn}"
    VALUES
  ]
}

resource "kubernetes_manifest" "cert-managaer-cluster-issuer" {
  count = var.create_crd_depending_resources ? 1 : 0

  depends_on = [
    helm_release.cert-manager
  ]

  manifest = {
    apiVersion = "cert-manager.io/v1"
    kind       = "ClusterIssuer"
    metadata = {
      name = "default"
    }
    spec = {
      acme = {
        email  = "email@example.com"
        server = "https://acme-v02.api.letsencrypt.org/directory"
        privateKeySecretRef = {
          name = "acme-default"
        }
        solvers = [for zone in var.domain_zones : {
          selector = {
            dnsZones = [
              zone
            ]
          }
          dns01 = {
            route53 = {
              region       = data.aws_region.current.name
              hostedZoneID = data.aws_route53_zone.zones[zone].zone_id
            }
          }
        }]
      }
    }
  }
}

Debug Output

Panic Output

 Error: Resource Not Implemented

  with module.eks-addons.kubernetes_manifest.cert-managaer-cluster-issuer,
  on /tmp/terraform-data-dir/modules/eks-addons/modules/eks-addons/cert_manager.tf line 64, in resource "kubernetes_manifest" "cert-managaer-cluster-issuer":
  64: resource "kubernetes_manifest" "cert-managaer-cluster-issuer" {

The combined provider does not implement the requested resource type. This is
always an issue in the provider implementation and should be reported to the
provider developers.

Missing resource type: kubernetes_manifest

Steps to Reproduce

1. terraform apply

Expected Behavior

To not fail.

Actual Behavior

It fails.

Important Factoids

References

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

[pfallasro]

Hello,

I'm also being impacted by this issue, would appreciate some more details.

[marcispauls]

similar issues

[erikrin]

Same issue. Pining version to 2.24.0 helped for the moment.

[Taronyuu]

We've also been hit with this issue, for now we have decided to pin our Terraform provider version to 2.24.0 which is the most recent after the 2.25.0 version. Snippet from our main.tf file:

terraform {
  required_version = "~> 1.3"

  required_providers {
    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = "~> 2.20, < 2.25"
    }
  }

  backend "azurerm" {}
}

Edit: Got ninja'd by Erik 🥷

[smhick]

also affected by this issue here is an output from our lint check

Terraform has been successfully initialized!
Terraform validate
==================
╷
│ Error: Resource Not Implemented
│ 
│   with kubernetes_manifest.webcam_probes,
│   on k8s-prometheus-probes.tf line 1, in resource "kubernetes_manifest" "webcam_probes":
│    1: resource "kubernetes_manifest" "webcam_probes" {
│ 
│ The combined provider does not implement the requested resource type. This
│ is always an issue in the provider implementation and should be reported to
│ the provider developers.
│ 
│ Missing resource type: kubernetes_manifest
╵
╷
│ Error: Resource Not Implemented
│ 
│   with kubernetes_manifest.promtail_rules,
│   on k8s-prometheusrules.tf line 1, in resource "kubernetes_manifest" "promtail_rules":
│    1: resource "kubernetes_manifest" "promtail_rules" {
│ 
│ The combined provider does not implement the requested resource type. This
│ is always an issue in the provider implementation and should be reported to
│ the provider developers.
│ 
│ Missing resource type: kubernetes_manifest

rolled back to 2.24.0 for now

[diegofrata]

Yep getting the same issue, pinning to 2.24.

[jrhouston]

Thank you for reporting this @mentos1386. We have a hotfix for this coming very shortly. Please pin to the previous version of the provider in the meantime.