fix: shorten IAM name_prefix to stay within 38-char limit

svennam92 · svennam92 · commit 73a591a896c9 · 2026-04-14T00:42:25.000-05:00
diff --git a/manifests/modules/fastpaths/developers/.workshop/terraform/preprovision/fluent-bit.tf b/manifests/modules/fastpaths/developers/.workshop/terraform/preprovision/fluent-bit.tf
@@ -16,7 +16,7 @@ resource "aws_cloudwatch_log_group" "fluentbit" {
 
 # IAM role for FluentBit with CloudWatch write permissions using Pod Identity
 resource "aws_iam_role" "auto_fluentbit" {
-  name_prefix = "${var.eks_cluster_auto_id}-fluent-bit-"
+  name_prefix = "${var.eks_cluster_auto_id}-fb-"
 
   assume_role_policy = jsonencode({
     Version = "2012-10-17"
@@ -37,7 +37,7 @@ resource "aws_iam_role" "auto_fluentbit" {
 
 # IAM policy for FluentBit CloudWatch log write access
 resource "aws_iam_policy" "auto_fluentbit_cloudwatch" {
-  name_prefix = "${var.eks_cluster_auto_id}-fluent-bit-"
+  name_prefix = "${var.eks_cluster_auto_id}-fb-pol-"
   description = "CloudWatch Logs policy for FluentBit"
 
   policy = jsonencode({
diff --git a/manifests/modules/fastpaths/developers/.workshop/terraform/preprovision/secrets-manager.tf b/manifests/modules/fastpaths/developers/.workshop/terraform/preprovision/secrets-manager.tf
@@ -55,7 +55,7 @@ resource "helm_release" "external_secrets" {
 
 # IAM role for Secrets Manager access using Pod Identity
 resource "aws_iam_role" "secrets_manager_role" {
-  name_prefix = "${var.eks_cluster_auto_id}-secrets-"
+  name_prefix = "${var.eks_cluster_auto_id}-sm-"
 
   assume_role_policy = jsonencode({
     Version = "2012-10-17"
@@ -76,7 +76,7 @@ resource "aws_iam_role" "secrets_manager_role" {
 
 # IAM policy for Secrets Manager access (keeping same permissions)
 resource "aws_iam_policy" "secrets_manager" {
-  name_prefix = "${var.eks_cluster_auto_id}-secrets-manager-"
+  name_prefix = "${var.eks_cluster_auto_id}-sm-pol-"
   policy      = <<POLICY
 {
   "Version": "2012-10-17",
@@ -126,7 +126,7 @@ locals {
 
 # IAM role for Secrets Manager access using Pod Identity
 resource "aws_iam_role" "external_secrets" {
-  name_prefix = "${var.eks_cluster_auto_id}-external-secrets"
+  name_prefix = "${var.eks_cluster_auto_id}-eso-"
 
   assume_role_policy = jsonencode({
     Version = "2012-10-17"
@@ -147,7 +147,7 @@ resource "aws_iam_role" "external_secrets" {
 
 # IAM policy for Secrets Manager access (keeping same permissions)
 resource "aws_iam_policy" "external_secrets" {
-  name_prefix = "${var.eks_cluster_auto_id}-secrets-manager-"
+  name_prefix = "${var.eks_cluster_auto_id}-eso-pol-"
   policy      = <<POLICY
 {
   "Version": "2012-10-17",
