From 86b321b63716ac3b5566f0df024c125462f12691 Mon Sep 17 00:00:00 2001
From: "David.Houck"
Date: Mon, 14 Oct 2024 11:32:31 -0400
Subject: [PATCH] remove console_access access entry

---
 main.tf                         | 17 +----------------
 modules/aws_autoscaling/main.tf |  2 +-
 modules/aws_vm/main.tf          | 12 ++++++------
 modules/aws_vpc/main.tf         |  8 ++++----
 4 files changed, 12 insertions(+), 27 deletions(-)

diff --git a/main.tf b/main.tf
index 85d87e35..70b42a0e 100755
--- a/main.tf
+++ b/main.tf
@@ -170,22 +170,7 @@ module "eks" {
   enable_cluster_creator_admin_permissions = true
 
   access_entries = {
-    # access entries with a policy associated
-    console_access = {
-      kubernetes_groups = []
-      principal_arn     = "arn:aws:iam::203918876413:role/aws-reserved/sso.amazonaws.com/AWSReservedSSO_AdministratorAccess_7a114f4a1db191fc"
-      user_name         = local.aws_caller_identity_user_name
-      type              = "STANDARD"
-
-      policy_associations = {
-        console_policy_assoc = {
-          policy_arn = "arn:aws:eks::aws:cluster-access-policy/AmazonEKSClusterAdminPolicy"
-          access_scope = {
-            type = "cluster"
-          }
-        }
-      }
-    },
+    # access entry with cluster and namespace scoped policies
     cluster_creator = {
       kubernetes_groups = ["rbac.authorization.k8s.io"]
       principal_arn     = data.aws_caller_identity.terraform.arn
diff --git a/modules/aws_autoscaling/main.tf b/modules/aws_autoscaling/main.tf
index 06d57d31..ed14d9a5 100644
--- a/modules/aws_autoscaling/main.tf
+++ b/modules/aws_autoscaling/main.tf
@@ -33,7 +33,7 @@ data "aws_iam_policy_document" "worker_autoscaling" {
       "autoscaling:SetDesiredCapacity",
       "autoscaling:TerminateInstanceInAutoScalingGroup",
       "autoscaling:UpdateAutoScalingGroup"
-      
+
     ]
 
     resources = ["*"]
diff --git a/modules/aws_vm/main.tf b/modules/aws_vm/main.tf
index cbebfd83..6eccb769 100644
--- a/modules/aws_vm/main.tf
+++ b/modules/aws_vm/main.tf
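Review bot: The new comment `# access entry with cluster and namespace scoped policies` now sits above `cluster_creator`, whose `principal_arn` is `data.aws_caller_identity.terraform.arn` — the same principal that `enable_cluster_creator_admin_permissions = true` (context line above) already grants admin access to; if the EKS module builds its own entry under a `cluster_creator` key, this user-supplied entry with the same key will replace or collide with it, so it is worth confirming which policy associations actually end up on the cluster. The removed `console_access` block was the only visible reader of `local.aws_caller_identity_user_name`; if nothing else references that local, remove it too rather than leave a dangling definition. With the SSO role entry gone, no human operator principal has an access entry in this file any more, so the commit message or a comment here should state where console access is now granted (e.g. a separate access entry, aws-auth, or per-environment input). The `cluster_creator` block and its policy associations continue past the end of the hunk.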
@@ -81,12 +81,12 @@ resource "aws_instance" "vm" {
     delete_on_termination = var.os_disk_delete_on_termination
     iops                  = var.os_disk_iops
     encrypted             = var.enable_ebs_encryption
-    tags = merge(
-      {
-        Name : "${var.name}-root-vol"
-      },
-      var.tags
-    )
+    tags = merge(
+      {
+        Name : "${var.name}-root-vol"
+      },
+      var.tags
+    )
   }
 
   tags = merge(var.tags, tomap({ Name : "${var.name}-vm" }))
diff --git a/modules/aws_vpc/main.tf b/modules/aws_vpc/main.tf
index 32fe832a..89c82a76 100644
--- a/modules/aws_vpc/main.tf
+++ b/modules/aws_vpc/main.tf
@@ -7,13 +7,13 @@ locals {
   vpc_id = var.vpc_id == null ? aws_vpc.vpc[0].id : data.aws_vpc.vpc[0].id
 
   existing_subnets               = length(var.existing_subnet_ids) > 0 ? true : false
-  existing_public_subnets        = local.existing_subnets && contains(keys(var.existing_subnet_ids), "public") ? (length(var.existing_subnet_ids["public"]) > 0 ? true : false) : false
-  existing_private_subnets       = local.existing_subnets && contains(keys(var.existing_subnet_ids), "private") ? (length(var.existing_subnet_ids["private"]) > 0 ? true : false) : false
-  existing_database_subnets      = local.existing_subnets && contains(keys(var.existing_subnet_ids), "database") ? (length(var.existing_subnet_ids["database"]) > 0 ? true : false) : false
+  existing_public_subnets        = local.existing_subnets && contains(keys(var.existing_subnet_ids), "public") ? (length(var.existing_subnet_ids["public"]) > 0 ? true : false) : false
+  existing_private_subnets       = local.existing_subnets && contains(keys(var.existing_subnet_ids), "private") ? (length(var.existing_subnet_ids["private"]) > 0 ? true : false) : false
+  existing_database_subnets      = local.existing_subnets && contains(keys(var.existing_subnet_ids), "database") ? (length(var.existing_subnet_ids["database"]) > 0 ? true : false) : false
   existing_control_plane_subnets = local.existing_subnets && contains(keys(var.existing_subnet_ids), "control_plane") ? (length(var.existing_subnet_ids["control_plane"]) > 0 ? true : false) : false
 
   # public_subnets = local.existing_public_subnets ? data.aws_subnet.public : aws_subnet.public # not used keeping for ref
-  private_subnets       = local.existing_private_subnets ? data.aws_subnet.private : aws_subnet.private
+  private_subnets       = local.existing_private_subnets ? data.aws_subnet.private : aws_subnet.private
   control_plane_subnets = local.existing_control_plane_subnets ? data.aws_subnet.control_plane : aws_subnet.control_plane
 
   # Use private subnets if we are not creating db subnets and there are no existing db subnets