From 7af398e6fca62c2e642f3d29d86f9b8d134ebd58 Mon Sep 17 00:00:00 2001
From: xpk <xpk@headdesk.me>
Date: Wed, 20 Dec 2023 12:03:49 +0800
Subject: [PATCH] UPD: changed bastion SG. also tried to downgrade EKS but it
 was not supported by AWS

---
 examples/eks-managed-nodegroup/bastion.tf | 8 +++++++-
 examples/eks-managed-nodegroup/main.tf    | 2 +-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/examples/eks-managed-nodegroup/bastion.tf b/examples/eks-managed-nodegroup/bastion.tf
index 9f4f105..274c0b4 100644
--- a/examples/eks-managed-nodegroup/bastion.tf
+++ b/examples/eks-managed-nodegroup/bastion.tf
@@ -6,7 +6,7 @@ module "bastion" {
   ami                         = data.aws_ami.this.id
   ignore_ami_changes          = true
   subnet_id                   = var.subnet_ids[0]
-  vpc_security_group_ids      = [module.sg.id, "sg-0735e2bab44a525b8"]
+  vpc_security_group_ids      = [module.sg.id, module.eks.cluster_primary_security_group_id]
   create_iam_instance_profile = true
   iam_role_description        = "IAM role for EC2 instance"
   iam_role_policies = {
@@ -30,6 +30,12 @@ module "bastion" {
     http_tokens                 = "required"
     http_put_response_hop_limit = 2
   }
+  user_data = <<EOF
+#!/bin/bash
+curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
+chmod 755 kubectl
+mv kubectl /usr/local/bin/
+EOF
 }
 
 module "sg" {
diff --git a/examples/eks-managed-nodegroup/main.tf b/examples/eks-managed-nodegroup/main.tf
index 03f6aca..1eca844 100644
--- a/examples/eks-managed-nodegroup/main.tf
+++ b/examples/eks-managed-nodegroup/main.tf
@@ -16,7 +16,7 @@ module "eks" {
 
   cluster_name                   = "lab-ken2026-eks01"
   cluster_endpoint_public_access = true
-  cluster_version                = "1.28"
+  cluster_version                = "1.27"
 
   cluster_addons = {
     coredns = {