AWS Elastic Kubernetes Service (EKS) Terraform Module

Terraform module to provision Managed Kubernetes Clusters on AWS.

This module contains a few sub-modules under the modules folder, which provide multiple options and configurations for provisioning a Kubernetes cluster in several different ways. Please refer to the Usage section below for more details about the available options.

Usage

Simple Configurations:


# EKS Cluster
  module "eks" {
    source        = "app.terraform.io/ncodelibrary/eks/aws"
    version       = "0.1.7"
    identifier    = "example"
    eks_version   = "1.18" # string input; quoting keeps versions such as "1.20" from becoming 1.2
    key_arn       = "arn:aws:kms::xxxxxxx:key/xxxx-xxxx-xxxx-xxxx"
    subnet_ids    = ["subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx"]
    tags          = {
      Cost_Center = "XYZ"
    }
  }

AWS managed Nodes:

  module "eks" {
    source        = "app.terraform.io/ncodelibrary/eks/aws"
    version       = "0.1.7"
    identifier    = "example"
    eks_version   = "1.18"
    key_arn       = "arn:aws:kms::xxxxxxx:key/xxxx-xxxx-xxxx-xxxx"
    subnet_ids    = ["subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx"]
    tags          = {
      Cost_Center = "XYZ"
    }
  }

  module "node_group" {
    source        = "app.terraform.io/ncodelibrary/eks/aws//modules/eks-node-group"
    version       = "0.1.7"
    node_role_arn = "arn:aws:iam::xxxxxxxxx:role/xxxxxxxxxx"
    cluster_name  = module.eks.output.eks_cluster.id
    identifier    = "dummy"
    subnet_ids    = ["subnet-xxxxxx", "subnet-xxxxxx"]
    tags          = {
      Cost_Center = "XYZ"
    }
  }

Fargate Profile

  module "eks" {
    source        = "app.terraform.io/ncodelibrary/eks/aws"
    version       = "0.1.7"
    identifier    = "example"
    eks_version   = "1.18"
    key_arn       = "arn:aws:kms::xxxxxxx:key/xxxx-xxxx-xxxx-xxxx"
    subnet_ids    = ["subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx"]
    tags          = {
      Cost_Center = "XYZ"
    }
  }

  module "fargate_profile" {
    source                  = "app.terraform.io/ncodelibrary/eks/aws//modules/eks-fargate-profile"
    version                 = "0.1.7"
    pod_execution_role_arn  = "arn:aws:iam::xxxxxxxxx:role/xxxxxxxxxx"
    cluster_name            = module.eks.output.eks_cluster.id
    identifier              = "dummy-default"
    subnet_ids              = ["subnet-xxxxxx", "subnet-xxxxxx"]
    namespace               = "dummy"
    tags                    = {
      Cost_Center = "XYZ"
    }
  }

Bottlerocket Instances


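  # var.eks_version and local.worker_node_userdata are referenced below but not shown here;
  # the calling configuration must define them.
  data "aws_ssm_parameter" "eks_ami" {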
    name = "/aws/service/bottlerocket/aws-k8s-${var.eks_version}/x86_64/latest/image_id"
  }

  module "eks" {
    source            = "app.terraform.io/ncodelibrary/eks/aws"
    version           = "0.1.7"
    identifier        = "example"
    eks_version       = "1.18"
    key_arn           = "arn:aws:kms::xxxxxxx:key/xxxx-xxxx-xxxx-xxxx"
    subnet_ids        = ["subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx", "subnet-xxxxxx"]
    tags              = {
      Cost_Center = "XYZ"
    }
  }

  module "node_group" {
    source                = "app.terraform.io/ncodelibrary/eks/aws//modules/eks-node-group"
    version               = "0.1.7"
    iam_instance_profile  = "arn:aws:iam::xxxxxxxxx:role/xxxxxxxxxx"
    user_data_base64      = base64encode(local.worker_node_userdata)
    eks_cluster_id        = module.eks.output.eks_cluster.id
    instance_type         = "t3a.medium"
    identifier            = "dummy"
    image_id              = data.aws_ssm_parameter.eks_ami.value
    key_name              = "nclouds-tf"
    subnets               = ["subnet-xxxxxx", "subnet-xxxxxx"]
    tags                  = {
      Cost_Center = "XYZ"
    }
  }

Examples

Here are some working examples of using this module:

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.12 |

Providers

| Name | Version |
|------|---------|
| aws | n/a |

Modules

No Modules.

Resources

Name
aws_eks_cluster
aws_iam_openid_connect_provider
aws_iam_role
aws_iam_role_policy_attachment

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| append_workspace | Appends the terraform workspace at the end of resource names, - | bool | true | no |
| client_id_list | A list of client IDs (also known as audiences) | list(string) | ["sts.amazonaws.com"] | no |
| create_oidc_provider | Create or not an OIDC Provider resource for the cluster. Default 'true' | bool | true | no |
| eks_endpoint_public_access | Indicates whether or not the Amazon EKS API server is public | bool | false | no |
| eks_version | Desired Kubernetes master version | string | "1.15" | no |
| enabled_cluster_log_types | A list of the desired control plane logging to enable | list(string) | ["api", "authenticator", "audit", "scheduler", "controllerManager"] | no |
| identifier | The name for the cluster | string | n/a | yes |
| key_arn | Amazon Resource Name (ARN) of the Key Management Service (KMS) customer master key (CMK) | string | n/a | yes |
| public_access_cidrs | Indicates which CIDR blocks can access the Amazon EKS API server endpoint | list(string) | [] | no |
| security_group_ids | List of security group IDs to allow communication between your worker nodes and the Kubernetes control plane | list(string) | [] | no |
| subnet_ids | List of subnet IDs. Must be in at least two different availability zones | list(string) | n/a | yes |
| tags | Tags to be applied to the resource | map | {} | no |
| thumbprint_list | A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s) | list(string) | ["9e99a48a9960b14926bb7f3b02e22da2b0ab7280"] | no |
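
A pre-apply check for the security-relevant inputs above (eks_endpoint_public_access, public_access_cidrs, enabled_cluster_log_types, key_arn), added here as an example and not part of this module. It audits the JSON produced by terraform show -json and assumes the module passes these inputs through to the vpc_config, enabled_cluster_log_types and encryption_config attributes of aws_eks_cluster; the sample plan, its resource addresses and the key ARN placeholder are constructed.

```python
# Control-plane log types from the module's enabled_cluster_log_types default.
REQUIRED_LOGS = {"api", "authenticator", "audit", "scheduler", "controllerManager"}


def iter_resources(module):
    """Yield every resource in a plan module, descending into child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def audit_plan(plan):
    """Return (address, finding) pairs for each aws_eks_cluster in the plan."""
    findings = []
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in iter_resources(root):
        if res.get("type") != "aws_eks_cluster":
            continue
        addr, vals = res["address"], res.get("values", {})
        vpc = (vals.get("vpc_config") or [{}])[0]
        if vpc.get("endpoint_public_access"):
            cidrs = vpc.get("public_access_cidrs") or []
            # Unset CIDRs count as open: EKS then defaults to 0.0.0.0/0.
            if not cidrs or "0.0.0.0/0" in cidrs:
                findings.append((addr, "public endpoint open to 0.0.0.0/0"))
        missing = REQUIRED_LOGS - set(vals.get("enabled_cluster_log_types") or [])
        if missing:
            findings.append((addr, "log types disabled: " + ", ".join(sorted(missing))))
        enc = vals.get("encryption_config") or []
        if not any(p.get("key_arn") for e in enc for p in e.get("provider") or []):
            findings.append((addr, "no KMS key for secrets encryption"))
    return findings


def sample_cluster(addr, public, cidrs, logs, key_arn):
    """Build a constructed plan entry shaped like an aws_eks_cluster resource."""
    enc = [{"provider": [{"key_arn": key_arn}], "resources": ["secrets"]}] if key_arn else []
    return {"address": addr, "type": "aws_eks_cluster", "values": {
        "vpc_config": [{"endpoint_public_access": public, "public_access_cidrs": cidrs}],
        "enabled_cluster_log_types": logs, "encryption_config": enc}}


# Constructed sample plan (not real output): one weak and one hardened cluster.
SAMPLE_PLAN = {"planned_values": {"root_module": {"child_modules": [
    {"address": "module.weak", "resources": [sample_cluster(
        "module.weak.aws_eks_cluster.this", True, [], ["api"], None)]},
    {"address": "module.hard", "resources": [sample_cluster(
        "module.hard.aws_eks_cluster.this", True, ["203.0.113.0/24"],
        sorted(REQUIRED_LOGS), "arn:aws:kms:EXAMPLE-PLACEHOLDER")]},
]}}}
```

To audit a real plan, save it with terraform plan -out, convert it with terraform show -json, and pass the parsed JSON to audit_plan.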

Outputs

| Name | Description |
|------|-------------|
| output | n/a |

Contributing

If you want to contribute to this repository, check all the guidelines specified here before submitting a new PR.