Not sure what the best practice is here. I've set it to use the current default CA which is valid until 2061, but maybe there's a better way to make this optional or a better way to configure it for "latest". I set up the inputs so that the cluster and the instances get the same CA because I couldn't imagine a scenario where we want them to be different.
I'm not sure why the tfscan is flagging so much stuff that's unrelated to my changes. Does that need to be fixed or can it be ignored?
Not sure what the best practice is here. I've set it to use the current default CA which is valid until 2061, but maybe there's a better way to make this optional or a better way to configure it for "latest". I set up the inputs so that the cluster and the instances get the same CA because I couldn't imagine a scenario where we want them to be different.
I'm not sure why the tfscan is flagging so much stuff that's unrelated to my changes. Does that need to be fixed or can it be ignored?