From adb47f46dc53b1a0c18691a59dc58401c327c0be Mon Sep 17 00:00:00 2001
From: Angel Moctezuma <44302055+aamoctz@users.noreply.github.com>
Date: Thu, 3 Aug 2023 16:23:36 -0700
Subject: [PATCH] feat: Add `node_iam_role_arns` local variable to check for
 Windows platform on EKS managed nodegroups (#2477)

Update node_iam_role_arns locals to check for Windows Managed Node Groups

Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
---
 main.tf                                   | 3 ++-
 modules/eks-managed-node-group/README.md  | 1 +
 modules/eks-managed-node-group/outputs.tf | 9 +++++++++
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/main.tf b/main.tf
index ca0390ab7b..1e73c760e9 100644
--- a/main.tf
+++ b/main.tf
@@ -469,7 +469,7 @@ locals {
   node_iam_role_arns_non_windows = distinct(
     compact(
       concat(
-        [for group in module.eks_managed_node_group : group.iam_role_arn],
+        [for group in module.eks_managed_node_group : group.iam_role_arn if group.platform != "windows"],
         [for group in module.self_managed_node_group : group.iam_role_arn if group.platform != "windows"],
         var.aws_auth_node_iam_role_arns_non_windows,
       )
@@ -479,6 +479,7 @@ locals {
   node_iam_role_arns_windows = distinct(
     compact(
       concat(
+        [for group in module.eks_managed_node_group : group.iam_role_arn if group.platform == "windows"],
         [for group in module.self_managed_node_group : group.iam_role_arn if group.platform == "windows"],
         var.aws_auth_node_iam_role_arns_windows,
       )
diff --git a/modules/eks-managed-node-group/README.md b/modules/eks-managed-node-group/README.md
index bf3a35976a..8dcb95f02b 100644
--- a/modules/eks-managed-node-group/README.md
+++ b/modules/eks-managed-node-group/README.md
@@ -193,4 +193,5 @@ module "eks_managed_node_group" {
 | <a name="output_node_group_resources"></a> [node\_group\_resources](#output\_node\_group\_resources) | List of objects containing information about underlying resources |
 | <a name="output_node_group_status"></a> [node\_group\_status](#output\_node\_group\_status) | Status of the EKS Node Group |
 | <a name="output_node_group_taints"></a> [node\_group\_taints](#output\_node\_group\_taints) | List of objects containing information about taints applied to the node group |
+| <a name="output_platform"></a> [platform](#output\_platform) | Identifies if the OS platform is `bottlerocket`, `linux`, or `windows` based |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/modules/eks-managed-node-group/outputs.tf b/modules/eks-managed-node-group/outputs.tf
index 012cd46f4e..a72f27b347 100644
--- a/modules/eks-managed-node-group/outputs.tf
+++ b/modules/eks-managed-node-group/outputs.tf
@@ -88,3 +88,12 @@ output "iam_role_unique_id" {
   description = "Stable and unique string identifying the IAM role"
   value       = try(aws_iam_role.this[0].unique_id, null)
 }
+
+################################################################################
+# Additional
+################################################################################
+
+output "platform" {
+  description = "Identifies if the OS platform is `bottlerocket`, `linux`, or `windows` based"
+  value       = var.platform
+}