fix tf code to match default subnets

.gitignore

@@ -0,0 +1 @@
+.idea

eks/data.tf

@@ -4,21 +4,11 @@
 #
 ###############################################################
 
-# Get the default VPC details
 data "aws_vpc" "default_vpc" {
   default = true
 }
 
-# Get Public IP of your broadband account. This allows us to lock down SSH access
-# into the environment from anyone other than yourself, by inserting your public
-# IP to a security group ingress rule.
-# Try this URL in your browser!
-data "http" "cloudshell_ip" {
-  url = "https://checkip.amazonaws.com/"
-}
-
-# Get the subnets to use for the cluster ti bind to and the autoscaling group
-# to place nodes in.
+# Get the subnets to use for the cluster and autoscaling group
 data "aws_subnets" "public" {
   filter {
     name   = "vpc-id"
@@ -27,14 +17,12 @@ data "aws_subnets" "public" {
   filter {
     name = "availability-zone"
     values = [
-      "${var.aws_region}a",
-      "${var.aws_region}b",
-      "${var.aws_region}c"
+      "${var.aws_region}c",
+      "${var.aws_region}d"
     ]
   }
 }
 
-# Get AMI ID for latest recommended Amazon Linux 2 image
 data "aws_ssm_parameter" "node_ami" {
   name = "/aws/service/eks/optimized-ami/1.29/amazon-linux-2/recommended/image_id"
 }

eks/eks.tf

@@ -28,7 +28,6 @@ resource "aws_iam_role_policy_attachment" "demo_eks_AmazonEKSClusterPolicy" {
 }
 
 # Optionally, enable Security Groups for Pods
-# Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html
 resource "aws_iam_role_policy_attachment" "demo_eks_AmazonEKSVPCResourceController" {
   policy_arn = "arn:aws:iam::aws:policy/AmazonEKSVPCResourceController"
   role       = aws_iam_role.demo_eks.name
@@ -41,13 +40,10 @@ resource "aws_eks_cluster" "demo_eks" {
   vpc_config {
     subnet_ids = [
       data.aws_subnets.public.ids[0],
-      data.aws_subnets.public.ids[1],
-      data.aws_subnets.public.ids[2]
+      data.aws_subnets.public.ids[1]
     ]
   }
 
-  # Ensure that IAM Role permissions are created before and deleted after EKS Cluster handling.
-  # Otherwise, EKS will not be able to properly delete EKS managed EC2 infrastructure such as Security Groups.
   depends_on = [
     aws_iam_role_policy_attachment.demo_eks_AmazonEKSClusterPolicy,
     aws_iam_role_policy_attachment.demo_eks_AmazonEKSVPCResourceController,

eks/nodes.tf

@@ -200,12 +200,11 @@ resource "aws_launch_template" "node_launch_template" {
   )
 }
 
-
 # Wait for LT to settle, or CloudFormation may fail
 resource "time_sleep" "wait_30_seconds" {
   depends_on = [
     aws_launch_template.node_launch_template
-    ]
+  ]
 
   create_duration = "30s"
 }
@@ -223,7 +222,7 @@ Resources:
   NodeGroup:
     Type: AWS::AutoScaling::AutoScalingGroup
     Properties:
-      VPCZoneIdentifier: ["${data.aws_subnets.public.ids[0]}","${data.aws_subnets.public.ids[1]}", "${data.aws_subnets.public.ids[2]}"]
+      VPCZoneIdentifier: ["${data.aws_subnets.public.ids[0]}","${data.aws_subnets.public.ids[1]}"]
       MinSize: "${var.node_group_min_size}"
       MaxSize: "${var.node_group_max_size}"
       DesiredCapacity: "${var.node_group_desired_capacity}"
@@ -232,7 +231,6 @@ Resources:
         LaunchTemplateId: "${aws_launch_template.node_launch_template.id}"
         Version: "${aws_launch_template.node_launch_template.latest_version}"
     UpdatePolicy:
-    # Ignore differences in group size properties caused by scheduled actions
       AutoScalingScheduledAction:
         IgnoreUnmodifiedGroupSizeProperties: true
       AutoScalingRollingUpdate: