kubernetes-sigs / cluster-api-provider-aws

Kubernetes Cluster API Provider AWS provides consistent deployment and day 2 operations of "self-managed" and EKS Kubernetes clusters on AWS.
http://cluster-api-aws.sigs.k8s.io/
Apache License 2.0

Feature Flag TagUnmanagedNetworkResources does not work if network resources have internal aws tags #5120

Closed fiunchinho closed 1 day ago

fiunchinho commented 1 month ago

/kind bug

What steps did you take and what happened: We want to use already existing subnets. But we want to enable the TagUnmanagedNetworkResources feature flag, so that we can manage the subnet tags. But the subnets were created using CloudFormation, so they contain some tags of the form aws::cloudformation::*. When trying to add or delete tags of that form, the AWS API returns an error, because those are reserved/internal AWS tags.

InvalidParameterValue: Value ( aws:cloudformation:stack-name ) for parameter key is invalid. Tag keys starting with 'aws:' are reserved for internal use

What did you expect to happen: When enabling the TagUnmanagedNetworkResources feature flag, VPC and subnets are reconciled without errors, and tags are applied normally.

Anything else you would like to add: Would it be possible to change CAPA code so that it ignores tags that start with aws:?

Environment:

dlipovetsky commented 1 month ago

/triage accepted
/priority important-longterm
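The filtering the issue asks for, sketched as an added example; it is not code from the thread or from CAPA. `isReservedTag` and `diffTags` are hypothetical helpers, the sample tags are constructed, and the prefix is compared case-insensitively on the assumption that AWS reserves every casing of `aws:`.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// isReservedTag reports whether a tag key carries the "aws:" prefix that the
// AWS API refuses to create or delete (compared case-insensitively).
func isReservedTag(key string) bool {
	return strings.HasPrefix(strings.ToLower(key), "aws:")
}

// diffTags (hypothetical helper) returns the tags to create or update and the
// tag keys to delete so that current converges on desired. Reserved keys are
// left out of both results, so they never reach the AWS API.
func diffTags(current, desired map[string]string) (map[string]string, []string) {
	toCreate := map[string]string{}
	for k, v := range desired {
		if isReservedTag(k) {
			continue // a reserved key must not be sent in a create call
		}
		if cur, ok := current[k]; !ok || cur != v {
			toCreate[k] = v
		}
	}
	var toDelete []string
	for k := range current {
		if isReservedTag(k) {
			continue // AWS-owned tag: leave it on the resource
		}
		if _, ok := desired[k]; !ok {
			toDelete = append(toDelete, k)
		}
	}
	sort.Strings(toDelete) // stable order for logging and comparison
	return toCreate, toDelete
}

func main() {
	// Constructed sample: tags on a subnet that CloudFormation created.
	current := map[string]string{
		"aws:cloudformation:stack-name": "network", "Name": "subnet-a", "stale": "true"}
	desired := map[string]string{"Name": "subnet-a", "kubernetes.io/role/elb": "1"}
	create, del := diffTags(current, desired)
	fmt.Println("create:", create, "delete:", del)
}
```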