
[Bug] Can't reuse instanceRoleARN in multiple nodegroups with AccessEntry #7502

@DanielCKennedy

What were you trying to accomplish?

With the switch to access entries, creating multiple self-managed nodes using the same instanceRoleARN no longer works.

What happened?

The first node successfully gets created; however, subsequent nodes fail to create due to the AccessEntry already existing.

How to reproduce it?

$ vi cluster.yaml

apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: test
  region: us-west-2

nodeGroups:
  - name: ng-1
    instanceType: m5.large
    desiredCapacity: 1
    volumeSize: 80
    iam:
      instanceRoleARN: "arn:aws:iam::999999999999:role/myRole"
  - name: ng-2
    instanceType: m5.large
    desiredCapacity: 1
    volumeSize: 80
    iam:
      instanceRoleARN: "arn:aws:iam::999999999999:role/myRole"
$ eksctl create cluster -f cluster.yaml
// fails

Logs

2024-01-24 20:11:48 [!]  1 error(s) occurred and cluster hasn't been created properly, you may wish to check CloudFormation console

From CFN stack:

Logical ID: AccessEntry
Status: CREATE_FAILED
Status reason: arn:aws:iam::999999999999:role/myRole|test already exists in stack <other_nodegroup_stack>

Anything else we need to know?

Versions

$ eksctl info
eksctl version: 0.169.0
kubectl version: v1.22.0
OS: linux

Labels: kind/bug, priority/important-longterm (Important over the long term, but may not be currently staffed and/or may require multiple releases)

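A pre-flight check for the collision reported above, as an added example that is not part of the original issue or of eksctl's code: it groups self-managed nodegroups by the access-entry identifier seen in the CloudFormation status reason, and parses that reason back into role ARN and cluster name. The function names and the dict form of cluster.yaml (what a YAML loader would return) are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: the issue's cluster.yaml as a YAML loader would return it.
ROLE = "arn:aws:iam::999999999999:role/myRole"
CLUSTER_CONFIG = {
    "metadata": {"name": "test", "region": "us-west-2"},
    "nodeGroups": [
        {"name": "ng-1", "iam": {"instanceRoleARN": ROLE}},
        {"name": "ng-2", "iam": {"instanceRoleARN": ROLE}},
    ],
}

# Status reason copied from the CloudFormation output quoted in the issue.
STATUS_REASON = ("arn:aws:iam::999999999999:role/myRole|test already exists "
                 "in stack <other_nodegroup_stack>")


def access_entry_id(role_arn, cluster_name):
    """Identifier format taken from the issue's status reason: <roleARN>|<cluster>."""
    return f"{role_arn}|{cluster_name}"


def colliding_nodegroups(config):
    """Map each access-entry identifier to the self-managed nodegroups that
    would each request it; only identifiers requested more than once are kept."""
    cluster = config["metadata"]["name"]
    claims = defaultdict(list)
    for ng in config.get("nodeGroups") or []:
        arn = (ng.get("iam") or {}).get("instanceRoleARN")
        if arn:  # no user-supplied role on this nodegroup: nothing to compare
            claims[access_entry_id(arn.strip(), cluster)].append(ng["name"])
    return {entry: names for entry, names in claims.items() if len(names) > 1}


def parse_status_reason(reason):
    """Return (role ARN, cluster name) from an 'already exists' reason, else None."""
    m = re.match(r"(arn:[^|\s]+)\|(\S+) already exists in stack\b", reason)
    return (m.group(1), m.group(2)) if m else None


if __name__ == "__main__":
    for entry, names in colliding_nodegroups(CLUSTER_CONFIG).items():
        print(f"{entry}: requested by nodegroups {', '.join(names)}")
    print(parse_status_reason(STATUS_REASON))
```
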