From 1f22d24df63accd4446aa2079eeac9226741bde4 Mon Sep 17 00:00:00 2001
From: "Thierno IB. BARRY" <ibrahima.br@gmail.com>
Date: Tue, 25 May 2021 11:06:04 +0200
Subject: [PATCH] fix: Add back `depends_on` for `data.wait_for_cluster`
 (#1389)

---
 cluster.tf | 32 ++++++++++++--------------------
 data.tf    | 12 ++++++++++++
 2 files changed, 24 insertions(+), 20 deletions(-)

diff --git a/cluster.tf b/cluster.tf
index 7acfd3367b..94581a4de3 100644
--- a/cluster.tf
+++ b/cluster.tf
@@ -52,26 +52,6 @@ resource "aws_eks_cluster" "this" {
   ]
 }
 
-resource "aws_security_group_rule" "cluster_private_access" {
-  description = "Allow private K8S API ingress from custom source."
-  count       = var.create_eks && var.cluster_create_endpoint_private_access_sg_rule && var.cluster_endpoint_private_access ? 1 : 0
-  type        = "ingress"
-  from_port   = 443
-  to_port     = 443
-  protocol    = "tcp"
-  cidr_blocks = var.cluster_endpoint_private_access_cidrs
-
-  security_group_id = aws_eks_cluster.this[0].vpc_config[0].cluster_security_group_id
-}
-
-
-data "http" "wait_for_cluster" {
-  count          = var.create_eks && var.manage_aws_auth ? 1 : 0
-  url            = format("%s/healthz", aws_eks_cluster.this[0].endpoint)
-  ca_certificate = base64decode(coalescelist(aws_eks_cluster.this[*].certificate_authority[0].data, [""])[0])
-  timeout        = 300
-}
-
 resource "aws_security_group" "cluster" {
   count       = var.cluster_create_security_group && var.create_eks ? 1 : 0
   name_prefix = var.cluster_name
@@ -107,6 +87,18 @@ resource "aws_security_group_rule" "cluster_https_worker_ingress" {
   type                     = "ingress"
 }
 
+resource "aws_security_group_rule" "cluster_private_access" {
+  description = "Allow private K8S API ingress from custom source."
+  count       = var.create_eks && var.cluster_create_endpoint_private_access_sg_rule && var.cluster_endpoint_private_access ? 1 : 0
+  type        = "ingress"
+  from_port   = 443
+  to_port     = 443
+  protocol    = "tcp"
+  cidr_blocks = var.cluster_endpoint_private_access_cidrs
+
+  security_group_id = aws_eks_cluster.this[0].vpc_config[0].cluster_security_group_id
+}
+
 resource "aws_iam_role" "cluster" {
   count                 = var.manage_cluster_iam_resources && var.create_eks ? 1 : 0
   name_prefix           = var.cluster_iam_role_name != "" ? null : var.cluster_name
diff --git a/data.tf b/data.tf
index cc70fd509b..a7c00eb563 100644
--- a/data.tf
+++ b/data.tf
@@ -83,3 +83,15 @@ data "aws_iam_instance_profile" "custom_worker_group_launch_template_iam_instanc
 }
 
 data "aws_partition" "current" {}
+
+data "http" "wait_for_cluster" {
+  count          = var.create_eks && var.manage_aws_auth ? 1 : 0
+  url            = format("%s/healthz", aws_eks_cluster.this[0].endpoint)
+  ca_certificate = base64decode(coalescelist(aws_eks_cluster.this[*].certificate_authority[0].data, [""])[0])
+  timeout        = 300
+
+  depends_on = [
+    aws_eks_cluster.this,
+    aws_security_group_rule.cluster_private_access,
+  ]
+}