From 4c0c4c49a611e0d7dcaff334fc7862c31732d1f0 Mon Sep 17 00:00:00 2001
From: Dawid Rogaczewski <dawid.rogaczewski@raise.com>
Date: Thu, 12 Mar 2020 11:50:41 +0100
Subject: [PATCH] change conditional for irsa.tf (#783)

---
 CHANGELOG.md | 1 +
 irsa.tf      | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 19b346234c..5388e9878d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -18,6 +18,7 @@ project adheres to [Semantic Versioning](http://semver.org/).
 - Add `default_cooldown` and `health_check_grace_period` options to workers ASG (by @ArieLevs)
 - Fix support for ASG max instance lifetime for workers (by @barryib)
 - Add support for envelope encryption of Secrets (by @babilen5)
+- Fix issue with terraform plan phase when IRSA was enabled and create_eks switches to false (by @daroga0002)
 - **Breaking:** Added support for EKS 1.15 (by @sc250024)
 
 # History
diff --git a/irsa.tf b/irsa.tf
index 08096d8f08..11c0cc735c 100644
--- a/irsa.tf
+++ b/irsa.tf
@@ -8,7 +8,7 @@
 # https://github.com/terraform-providers/terraform-provider-aws/issues/10104
 
 resource "aws_iam_openid_connect_provider" "oidc_provider" {
-  count           = var.enable_irsa ? 1 : 0
+  count           = var.enable_irsa && var.create_eks ? 1 : 0
   client_id_list  = ["sts.amazonaws.com"]
   thumbprint_list = [var.eks_oidc_root_ca_thumbprint]
   url             = flatten(concat(aws_eks_cluster.this[*].identity[*].oidc.0.issuer, [""]))[0]