AWS Elastic Kubernetes Service (EKS) Terraform Module
Terraform module to provision managed Kubernetes clusters on AWS.
This module contains a few sub-modules under the modules folder, which provide multiple options and configurations for provisioning a Kubernetes cluster in several different ways.
Please refer to the Usage section below for more details about the available options.
Usage
Simple Configurations:
```hcl
# EKS Cluster
module "eks" {
  source      = "app.terraform.io/ncodelibrary/eks/aws"
  version     = "0.1.7"
  identifier  = "example"
  eks_version = "1.18" # declared as a string input; quoting keeps the version exact
  key_arn     = "arn:aws:kms::xxxxxxx:key/xxxx-xxxx-xxxx-xxxx"
  subnet_ids  = ["subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx"]
  tags = {
    Cost_Center = "XYZ"
  }
}
```
AWS managed Nodes:
```hcl
module "eks" {
  source      = "app.terraform.io/ncodelibrary/eks/aws"
  version     = "0.1.7"
  identifier  = "example"
  eks_version = "1.18" # declared as a string input; quoting keeps the version exact
  key_arn     = "arn:aws:kms::xxxxxxx:key/xxxx-xxxx-xxxx-xxxx"
  subnet_ids  = ["subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx"]
  tags = {
    Cost_Center = "XYZ"
  }
}

# Managed node group attached to the cluster created above
module "node_group" {
  source        = "app.terraform.io/ncodelibrary/eks/aws//modules/eks-node-group"
  version       = "0.1.7"
  node_role_arn = "arn:aws:iam::xxxxxxxxx:role/xxxxxxxxxx"
  cluster_name  = module.eks.output.eks_cluster.id
  identifier    = "dummy"
  subnet_ids    = ["subnet-xxxxxx", "subnet-xxxxxx"]
  tags = {
    Cost_Center = "XYZ"
  }
}
```
Fargate Profile
```hcl
module "eks" {
  source      = "app.terraform.io/ncodelibrary/eks/aws"
  version     = "0.1.7"
  identifier  = "example"
  eks_version = "1.18" # declared as a string input; quoting keeps the version exact
  key_arn     = "arn:aws:kms::xxxxxxx:key/xxxx-xxxx-xxxx-xxxx"
  subnet_ids  = ["subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx"]
  tags = {
    Cost_Center = "XYZ"
  }
}

# Fargate profile that selects pods in the "dummy" namespace
module "fargate_profile" {
  source                 = "app.terraform.io/ncodelibrary/eks/aws//modules/eks-fargate-profile"
  version                = "0.1.7"
  pod_execution_role_arn = "arn:aws:iam::xxxxxxxxx:role/xxxxxxxxxx"
  cluster_name           = module.eks.output.eks_cluster.id
  identifier             = "dummy-default"
  subnet_ids             = ["subnet-xxxxxx", "subnet-xxxxxx"]
  namespace              = "dummy"
  tags = {
    Cost_Center = "XYZ"
  }
}
```
Bottlerocket Instances
```hcl
# var.eks_version and local.worker_node_userdata must be defined by the calling configuration.
# Looks up the latest Bottlerocket AMI ID for the chosen Kubernetes version.
data "aws_ssm_parameter" "eks_ami" {
  name = "/aws/service/bottlerocket/aws-k8s-${var.eks_version}/x86_64/latest/image_id"
}

module "eks" {
  source      = "app.terraform.io/ncodelibrary/eks/aws"
  version     = "0.1.7"
  identifier  = "example"
  eks_version = "1.18" # declared as a string input; quoting keeps the version exact
  key_arn     = "arn:aws:kms::xxxxxxx:key/xxxx-xxxx-xxxx-xxxx"
  subnet_ids  = ["subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx"]
  tags = {
    Cost_Center = "XYZ"
  }
}

module "node_group" {
  source               = "app.terraform.io/ncodelibrary/eks/aws//modules/eks-node-group"
  version              = "0.1.7"
  iam_instance_profile = "arn:aws:iam::xxxxxxxxx:role/xxxxxxxxxx"
  user_data_base64     = base64encode(local.worker_node_userdata)
  eks_cluster_id       = module.eks.output.eks_cluster.id
  instance_type        = "t3a.medium"
  identifier           = "dummy"
  image_id             = data.aws_ssm_parameter.eks_ami.value
  key_name             = "nclouds-tf"
  subnets              = ["subnet-xxxxxx", "subnet-xxxxxx"]
  tags = {
    Cost_Center = "XYZ"
  }
}
```
Examples
Here are some working examples of using this module:
Requirements
Name | Version |
---|---|
terraform | >= 0.12 |
Providers
Name | Version |
---|---|
aws | n/a |
Modules
No Modules.
Resources
Name |
---|
aws_eks_cluster |
aws_iam_openid_connect_provider |
aws_iam_role |
aws_iam_role_policy_attachment |
Inputs
Name | Description | Type | Default | Required |
---|---|---|---|---|
append_workspace | Appends the terraform workspace at the end of resource names, | bool | true | no |
client_id_list | A list of client IDs (also known as audiences) | list(string) | [ | no |
create_oidc_provider | Create or not an OIDC Provider resource for the cluster. Default ‘true’ | bool | true | no |
eks_endpoint_public_access | Indicates whether or not the Amazon EKS API server is public | bool | false | no |
eks_version | Desired Kubernetes master version | string | "1.15" | no |
enabled_cluster_log_types | A list of the desired control plane logging to enable | list(string) | [ | no |
identifier | The name for the cluster | string | n/a | yes |
key_arn | Amazon Resource Name (ARN) of the Key Management Service (KMS) customer master key (CMK) | string | n/a | yes |
public_access_cidrs | Indicates which CIDR blocks can access the Amazon EKS API server endpoint | list(string) | [] | no |
security_group_ids | List of security group IDs to allow communication between your worker nodes and the Kubernetes control plane | list(string) | [] | no |
subnet_ids | List of subnet IDs. Must be in at least two different availability zones | list(string) | n/a | yes |
tags | Tags to be applied to the resource | map | {} | no |
thumbprint_list | A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider’s server certificate(s) | list(string) | [ | no |
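The security-relevant inputs listed above (eks_endpoint_public_access, public_access_cidrs, enabled_cluster_log_types, security_group_ids) set explicitly in two variants, as an added example that is not part of the module's own documentation. The module names eks_private and eks_restricted, the subnet, security group and KMS values, and the CIDR 203.0.113.0/24 (a documentation range) are placeholders; the log type names are the ones the EKS API accepts.

```hcl
# Added example, not from the module's repository. IDs, ARNs and CIDRs are placeholders.

# Option A: API server endpoint not public (the module default), stated explicitly
# so that the intent is visible in code review.
module "eks_private" {
  source  = "app.terraform.io/ncodelibrary/eks/aws"
  version = "0.1.7"

  identifier  = "example-private"
  eks_version = "1.18"
  key_arn     = "arn:aws:kms::xxxxxxx:key/xxxx-xxxx-xxxx-xxxx"
  subnet_ids  = ["subnet-xxxxxx", "subnet-xxxxxx"]

  eks_endpoint_public_access = false
  security_group_ids         = ["sg-xxxxxx"]

  # Control plane logs that record API calls and authentication decisions.
  enabled_cluster_log_types = ["api", "audit", "authenticator"]

  tags = {
    Cost_Center = "XYZ"
  }
}

# Option B: public endpoint required. List the allowed source ranges explicitly;
# when none are given, EKS itself defaults to 0.0.0.0/0.
module "eks_restricted" {
  source  = "app.terraform.io/ncodelibrary/eks/aws"
  version = "0.1.7"

  identifier  = "example-restricted"
  eks_version = "1.18"
  key_arn     = "arn:aws:kms::xxxxxxx:key/xxxx-xxxx-xxxx-xxxx"
  subnet_ids  = ["subnet-xxxxxx", "subnet-xxxxxx"]

  eks_endpoint_public_access = true
  public_access_cidrs        = ["203.0.113.0/24"] # placeholder egress range

  enabled_cluster_log_types = ["api", "audit", "authenticator"]

  tags = {
    Cost_Center = "XYZ"
  }
}
```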
Outputs
Name | Description |
---|---|
output | n/a |
Contributing
If you want to contribute to this repository check all the guidelines specified here before submitting a new PR.