Is this a request for help?:
No

-->

Version of Helm and Kubernetes:
Using Terraform helm provider:

provider "helm" {
  version        = "~> 0.7.0"
  install_tiller = true

EKS cluster v1.11

Which chart:
stable/heapster

What happened:
Heapster no longer works on EKS, because the kubelet on the new AMI no longer listens on theon --read-ony-port 10255, which had disabled in the latest AMI release as per the K8s upstream stream project's hardening changes.
kubernetes/kubeadm#732
kubernetes/kubernetes#59666

Tried the solution described here:
awslabs/amazon-eks-ami#128

What you expected to happen:
Heapster is deployed succesfully.

How to reproduce it (as minimally and precisely as possible):

resource "helm_release" "heapster" {
      name     = "heapster"
      chart    = "stable/heapster"
      namespace = "kube-system"
      # Heapster needs permissions to access the cluster
      set {
        name   = "rbac.create"
        value  = "true"
      }
      # Readonly port was disabled by AMI maintainers in adhering to k8s hardening guidelines, so we need to target the new secure port here
      # https://github.com/awslabs/amazon-eks-ami/issues/128
      set {
        name   = "command"
        value  = "/heapster --source=kubernetes:kubernetes:https://kubernetes.default?useServiceAccount=true&kubeletHttps=true&kubeletPort=10250&insecure=true"
      }
}

terraform apply
Error: Error applying plan:

1 error(s) occurred:

• module.monitoring.helm_release.heapster: 1 error(s) occurred:

• helm_release.heapster: rpc error: code = Unknown desc = render error in "heapster/templates/deployment.yaml": template: heapster/templates/deployment.yaml:53:27: executing "heapster/templates/deployment.yaml" at <.Values.command>: range can't iterate over /heapster --source=kubernetes:kubernetes:https://kubernetes.default?useServiceAccount=true&kubeletHttps=true&kubeletPort=10250&insecure=true

**Anything else we need to know**: