Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

(eks): EKS tags do not update if edited after initial deploy #19388

Closed
Labels
@aws-cdk/aws-eks Related to Amazon Elastic Kubernetes Service bug This issue is a bug. p2

Comments

@NGL321
Copy link
Contributor

NGL321 commented Mar 14, 2022

What is the problem?

When attempting to add tags to an already-deployed EKS cluster, tags never get added to resource. There is no issue when adding tags in the initial resource creation, so this can be worked around by either destroying and redeploying the stack, or by adding tags using the AWS SDKs.

This is likely related to the fix for the previously reported issue.

Reproduction Steps

  1. Deploy below resource
const cluster = new eks.Cluster(this, 'eks3', {
    defaultCapacity: 0,
    version: eks.KubernetesVersion.V1_21,
    vpc,
    //tags: {
    //    "test": "123"
    //}
});
  1. Remove comment of tags then redeploy

What did you expect to happen?

Tags that were not created for first deployment should have been created in the update.

What actually happened?

No tags were added to Cluster resource.

CDK CLI Version

2.16.0

Framework Version

2.16.0

Node.js Version

16.9.1

OS

OSX Sierra

Language

Typescript

Language Version

No response

Other information

Best current workaround is to add tags via the SDK tagResource() property, but this does not exist within the CDK, so is unideal.

Reported internally in ticket P59680747

@NGL321 NGL321 added bug This issue is a bug. p2 @aws-cdk/aws-eks Related to Amazon Elastic Kubernetes Service labels Mar 14, 2022
@spksoft
Copy link

spksoft commented Apr 20, 2022

My team and I got this issue too ☹️

@NGL321 May I have any example code for workaround method that you suggested ?

@diranged
Copy link

diranged commented Oct 5, 2022

Chiming in - this has been open for a while and is an outstanding issue. Can someone prioritize fixing this?

@shcherbak
Copy link

No Assignees for more then a year?

@jtdroste
Copy link

The issue seems to be here: https://github.com/aws/aws-cdk/blob/v2.99.1/packages/aws-cdk-lib/aws-eks/lib/cluster-resource-handler/cluster.ts#L317

Mainly around analyzeUpdate not identifying a change in the tags, resulting in a update not processing.

@cablekevin
Copy link

Any updates on this issue? It's been almost 2 years now.

@mergify mergify bot closed this as completed in #30123 May 31, 2024
mergify bot pushed a commit that referenced this issue May 31, 2024
### Issue # (if applicable)

Closes #19388

### Reason for this change

Adding tag/untag for eks cluster post its creation

### Description of changes

Added API calls tagResource and untagResource in Cluster resource handler to handle tag changes

### Description of how you validated changes

Have tested the changes by first deploying a cluster with below config: 
```ts
const vpc = ec2.Vpc.fromLookup(stack, 'Vpc', { isDefault: true });
new eks.Cluster(stack, 'Cluster', {
  vpc,
  ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29),
  defaultCapacity: 0,
 tags: {
    foo: 'bar',
  },
});
``` 
TestCase - 1 Update to add one more tag
```ts
new eks.Cluster(stack, 'Cluster', {
  vpc,
  ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29),
  defaultCapacity: 0,
  tags: {
    foo: 'bar',
   hello: "world"
  },
});
```
Logs - 
```
{
    "updates": {
        "replaceName": false,
        "replaceVpc": false,
        "updateAccess": false,
        "replaceRole": false,
        "updateVersion": false,
        "updateEncryption": false,
        "updateLogging": false,
        "updateTags": true
    }
}
```

```
{
  clientName: 'EKSClient',
  commandName: 'TagResourceCommand',
  input: {
    resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15',
    tags: { hello: 'world' }
  },
  output: {},
  metadata: {}
}
```


TestCase2 - Add, update and remove at the same time 
```ts
new eks.Cluster(stack, 'Cluster', {
  vpc,
  ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29),
  defaultCapacity: 0,
  tags: {
    hello: 'world1',
    foobar: 'baz',
  },
  endpointAccess: eks.EndpointAccess.PUBLIC,
  vpcSubnets: [{ subnetType: ec2.SubnetType.PUBLIC }],
});
```

```
{
  clientName: 'EKSClient',
  commandName: 'TagResourceCommand',
  input: {
    resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15',
    tags: { foobar: 'baz', hello: 'world1' }
  },
  output: {},
  metadata: {}
}
```

```
{
  clientName: 'EKSClient',
  commandName: 'UntagResourceCommand',
  input: {
    resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15',
    tagKeys: [ 'foo' ]
  },
  output: {},
  metadata: {}
}
```

TestCase - 3 Remove all tags

```ts
new eks.Cluster(stack, 'Cluster', {
  vpc,
  ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29),
  defaultCapacity: 0,
  endpointAccess: eks.EndpointAccess.PUBLIC,
  vpcSubnets: [{ subnetType: ec2.SubnetType.PUBLIC }],
});
```
```
{
  clientName: 'EKSClient',
  commandName: 'UntagResourceCommand',
  input: {
    resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15',
    tagKeys: [ 'foobar', 'hello' ]
  },
  output: {},
  metadata: {}
```

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

vdahlberg pushed a commit to vdahlberg/aws-cdk that referenced this issue Jun 10, 2024
### Issue # (if applicable)

Closes aws#19388

### Reason for this change

Adding tag/untag for eks cluster post its creation

### Description of changes

Added API calls tagResource and untagResource in Cluster resource handler to handle tag changes

### Description of how you validated changes

Have tested the changes by first deploying a cluster with below config: 
```ts
const vpc = ec2.Vpc.fromLookup(stack, 'Vpc', { isDefault: true });
new eks.Cluster(stack, 'Cluster', {
  vpc,
  ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29),
  defaultCapacity: 0,
 tags: {
    foo: 'bar',
  },
});
``` 
TestCase - 1 Update to add one more tag
```ts
new eks.Cluster(stack, 'Cluster', {
  vpc,
  ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29),
  defaultCapacity: 0,
  tags: {
    foo: 'bar',
   hello: "world"
  },
});
```
Logs - 
```
{
    "updates": {
        "replaceName": false,
        "replaceVpc": false,
        "updateAccess": false,
        "replaceRole": false,
        "updateVersion": false,
        "updateEncryption": false,
        "updateLogging": false,
        "updateTags": true
    }
}
```

```
{
  clientName: 'EKSClient',
  commandName: 'TagResourceCommand',
  input: {
    resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15',
    tags: { hello: 'world' }
  },
  output: {},
  metadata: {}
}
```


TestCase2 - Add, update and remove at the same time 
```ts
new eks.Cluster(stack, 'Cluster', {
  vpc,
  ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29),
  defaultCapacity: 0,
  tags: {
    hello: 'world1',
    foobar: 'baz',
  },
  endpointAccess: eks.EndpointAccess.PUBLIC,
  vpcSubnets: [{ subnetType: ec2.SubnetType.PUBLIC }],
});
```

```
{
  clientName: 'EKSClient',
  commandName: 'TagResourceCommand',
  input: {
    resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15',
    tags: { foobar: 'baz', hello: 'world1' }
  },
  output: {},
  metadata: {}
}
```

```
{
  clientName: 'EKSClient',
  commandName: 'UntagResourceCommand',
  input: {
    resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15',
    tagKeys: [ 'foo' ]
  },
  output: {},
  metadata: {}
}
```

TestCase - 3 Remove all tags

```ts
new eks.Cluster(stack, 'Cluster', {
  vpc,
  ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29),
  defaultCapacity: 0,
  endpointAccess: eks.EndpointAccess.PUBLIC,
  vpcSubnets: [{ subnetType: ec2.SubnetType.PUBLIC }],
});
```
```
{
  clientName: 'EKSClient',
  commandName: 'UntagResourceCommand',
  input: {
    resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15',
    tagKeys: [ 'foobar', 'hello' ]
  },
  output: {},
  metadata: {}
```

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Leo10Gama pushed a commit to Leo10Gama/aws-cdk that referenced this issue Jun 11, 2024
### Issue # (if applicable)

Closes aws#19388

### Reason for this change

Adding tag/untag for eks cluster post its creation

### Description of changes

Added API calls tagResource and untagResource in Cluster resource handler to handle tag changes

### Description of how you validated changes

Have tested the changes by first deploying a cluster with below config: 
```ts
const vpc = ec2.Vpc.fromLookup(stack, 'Vpc', { isDefault: true });
new eks.Cluster(stack, 'Cluster', {
  vpc,
  ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29),
  defaultCapacity: 0,
 tags: {
    foo: 'bar',
  },
});
``` 
TestCase - 1 Update to add one more tag
```ts
new eks.Cluster(stack, 'Cluster', {
  vpc,
  ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29),
  defaultCapacity: 0,
  tags: {
    foo: 'bar',
   hello: "world"
  },
});
```
Logs - 
```
{
    "updates": {
        "replaceName": false,
        "replaceVpc": false,
        "updateAccess": false,
        "replaceRole": false,
        "updateVersion": false,
        "updateEncryption": false,
        "updateLogging": false,
        "updateTags": true
    }
}
```

```
{
  clientName: 'EKSClient',
  commandName: 'TagResourceCommand',
  input: {
    resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15',
    tags: { hello: 'world' }
  },
  output: {},
  metadata: {}
}
```


TestCase2 - Add, update and remove at the same time 
```ts
new eks.Cluster(stack, 'Cluster', {
  vpc,
  ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29),
  defaultCapacity: 0,
  tags: {
    hello: 'world1',
    foobar: 'baz',
  },
  endpointAccess: eks.EndpointAccess.PUBLIC,
  vpcSubnets: [{ subnetType: ec2.SubnetType.PUBLIC }],
});
```

```
{
  clientName: 'EKSClient',
  commandName: 'TagResourceCommand',
  input: {
    resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15',
    tags: { foobar: 'baz', hello: 'world1' }
  },
  output: {},
  metadata: {}
}
```

```
{
  clientName: 'EKSClient',
  commandName: 'UntagResourceCommand',
  input: {
    resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15',
    tagKeys: [ 'foo' ]
  },
  output: {},
  metadata: {}
}
```

TestCase - 3 Remove all tags

```ts
new eks.Cluster(stack, 'Cluster', {
  vpc,
  ...getClusterVersionConfig(stack, eks.KubernetesVersion.V1_29),
  defaultCapacity: 0,
  endpointAccess: eks.EndpointAccess.PUBLIC,
  vpcSubnets: [{ subnetType: ec2.SubnetType.PUBLIC }],
});
```
```
{
  clientName: 'EKSClient',
  commandName: 'UntagResourceCommand',
  input: {
    resourceArn: 'arn:aws:eks:us-east-1:xxxxx:cluster/Cluster9EE0221C-f0d60e8e0bf14fb5896ade518b5bbc15',
    tagKeys: [ 'foobar', 'hello' ]
  },
  output: {},
  metadata: {}
```

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment