Difference between revisions of "Terraform EKS: terraform apply"
Jump to navigation
Jump to search
Tags: Mobile web edit, Mobile edit |
|||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | [[Terraform EKS]]: terraform apply | + | [[Terraform EKS]]: [[terraform apply]] |
.../... | .../... | ||
+ resource "[[aws_security_group]]" "worker_group_mgmt_one" { | + resource "[[aws_security_group]]" "worker_group_mgmt_one" { | ||
Line 463: | Line 463: | ||
} | } | ||
− | # module.eks.aws_iam_role_policy_attachment. | + | # module.eks.aws_iam_role_policy_attachment.cluster_[[AmazonEKSServicePolicy]][0] will be created |
+ resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSServicePolicy" { | + resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSServicePolicy" { | ||
+ id = (known after apply) | + id = (known after apply) | ||
Line 896: | Line 896: | ||
+ id = (known after apply) | + id = (known after apply) | ||
+ ipv6_cidr_block_association_id = (known after apply) | + ipv6_cidr_block_association_id = (known after apply) | ||
− | + map_public_ip_on_launch = false | + | + [[map_public_ip_on_launch]] = false |
+ owner_id = (known after apply) | + owner_id = (known after apply) | ||
+ tags = (known after apply) | + tags = (known after apply) | ||
Line 1,047: | Line 1,047: | ||
* <code>[[terraform show]]</code> | * <code>[[terraform show]]</code> | ||
* <code>[[terraform plan]]</code> | * <code>[[terraform plan]]</code> | ||
+ | * [[Deploy EKS cluster using Terraform]] | ||
== See also == | == See also == |
Latest revision as of 18:33, 10 June 2022
Terraform EKS: terraform apply .../... + resource "aws_security_group" "worker_group_mgmt_one" { + arn = (known after apply) + description = "Managed by Terraform" + egress = (known after apply) + id = (known after apply) + ingress = [ + { + cidr_blocks = [ + "10.0.0.0/8", ] + description = "" + from_port = 22 + ipv6_cidr_blocks = [] + prefix_list_ids = [] + protocol = "tcp" + security_groups = [] + self = false + to_port = 22 }, ] + name = (known after apply) + name_prefix = "worker_group_mgmt_one" + owner_id = (known after apply) + revoke_rules_on_delete = false + tags_all = (known after apply) + vpc_id = (known after apply) }
# aws_security_group.worker_group_mgmt_two will be created + resource "aws_security_group" "worker_group_mgmt_two" { + arn = (known after apply) + description = "Managed by Terraform" + egress = (known after apply) + id = (known after apply) + ingress = [ + { + cidr_blocks = [ + "192.168.0.0/16", ] + description = "" + from_port = 22 + ipv6_cidr_blocks = [] + prefix_list_ids = [] + protocol = "tcp" + security_groups = [] + self = false + to_port = 22 }, ] + name = (known after apply) + name_prefix = "worker_group_mgmt_two" + owner_id = (known after apply) + revoke_rules_on_delete = false + tags_all = (known after apply) + vpc_id = (known after apply) }
# random_string.suffix will be created + resource "random_string" "suffix" { + id = (known after apply) + length = 8 + lower = true + min_lower = 0 + min_numeric = 0 + min_special = 0 + min_upper = 0 + number = true + result = (known after apply) + special = false + upper = true }
# module.eks.data.http.wait_for_cluster[0] will be read during apply # (config refers to values not yet known) <= data "http" "wait_for_cluster" { + body = (known after apply) + ca_certificate = (known after apply) + id = (known after apply) + response_headers = (known after apply) + timeout = 300 + url = (known after apply) }
# module.eks.aws_autoscaling_group.workers[0] will be created + resource "aws_autoscaling_group" "workers" { + arn = (known after apply) + availability_zones = (known after apply) + capacity_rebalance = false + default_cooldown = (known after apply) + desired_capacity = 2 + force_delete = false + force_delete_warm_pool = false + health_check_grace_period = 300 + health_check_type = (known after apply) + id = (known after apply) + launch_configuration = (known after apply) + max_instance_lifetime = 0 + max_size = 3 + metrics_granularity = "1Minute" + min_size = 1 + name = (known after apply) + name_prefix = (known after apply) + protect_from_scale_in = false + service_linked_role_arn = (known after apply) + suspended_processes = [ + "AZRebalance", ] + termination_policies = [] + vpc_zone_identifier = (known after apply) + wait_for_capacity_timeout = "10m"
+ tag { + key = "Environment" + propagate_at_launch = true + value = "training" } + tag { + key = "GithubOrg" + propagate_at_launch = true + value = "terraform-aws-modules" } + tag { + key = "GithubRepo" + propagate_at_launch = true + value = "terraform-aws-eks" } + tag { + key = "Name" + propagate_at_launch = true + value = (known after apply) } + tag { + key = (known after apply) + propagate_at_launch = true + value = "owned" } + tag { + key = (known after apply) + propagate_at_launch = true + value = "owned" } }
# module.eks.aws_autoscaling_group.workers[1] will be created + resource "aws_autoscaling_group" "workers" { + arn = (known after apply) + availability_zones = (known after apply) + capacity_rebalance = false + default_cooldown = (known after apply) + desired_capacity = 1 + force_delete = false + force_delete_warm_pool = false + health_check_grace_period = 300 + health_check_type = (known after apply) + id = (known after apply) + launch_configuration = (known after apply) + max_instance_lifetime = 0 + max_size = 3 + metrics_granularity = "1Minute" + min_size = 1 + name = (known after apply) + name_prefix = (known after apply) + protect_from_scale_in = false + service_linked_role_arn = (known after apply) + suspended_processes = [ + "AZRebalance", ] + termination_policies = [] + vpc_zone_identifier = (known after apply) + wait_for_capacity_timeout = "10m"
+ tag { + key = "Environment" + propagate_at_launch = true + value = "training" } + tag { + key = "GithubOrg" + propagate_at_launch = true + value = "terraform-aws-modules" } + tag { + key = "GithubRepo" + propagate_at_launch = true + value = "terraform-aws-eks" } + tag { + key = "Name" + propagate_at_launch = true + value = (known after apply) } + tag { + key = (known after apply) + propagate_at_launch = true + value = "owned" } + tag { + key = (known after apply) + propagate_at_launch = true + value = "owned" } }
# module.eks.aws_eks_cluster.this[0] will be created + resource "aws_eks_cluster" "this" { + arn = (known after apply) + certificate_authority = (known after apply) + created_at = (known after apply) + endpoint = (known after apply) + id = (known after apply) + identity = (known after apply) + name = (known after apply) + platform_version = (known after apply) + role_arn = (known after apply) + status = (known after apply) + tags = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } + tags_all = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } + version = "1.20"
+ kubernetes_network_config { + service_ipv4_cidr = (known after apply) }
+ timeouts { + create = "30m" + delete = "15m" + update = "60m" }
+ vpc_config { + cluster_security_group_id = (known after apply) + endpoint_private_access = false + endpoint_public_access = true + public_access_cidrs = [ + "0.0.0.0/0", ] + security_group_ids = (known after apply) + subnet_ids = (known after apply) + vpc_id = (known after apply) } }
# module.eks.aws_iam_instance_profile.workers[0] will be created + resource "aws_iam_instance_profile" "workers" { + arn = (known after apply) + create_date = (known after apply) + id = (known after apply) + name = (known after apply) + name_prefix = (known after apply) + path = "/" + role = (known after apply) + tags = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } + tags_all = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } + unique_id = (known after apply) }
# module.eks.aws_iam_instance_profile.workers[1] will be created + resource "aws_iam_instance_profile" "workers" { + arn = (known after apply) + create_date = (known after apply) + id = (known after apply) + name = (known after apply) + name_prefix = (known after apply) + path = "/" + role = (known after apply) + tags = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } + tags_all = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } + unique_id = (known after apply) }
# module.eks.aws_iam_policy.cluster_deny_log_group[0] will be created + resource "aws_iam_policy" "cluster_deny_log_group" { + arn = (known after apply) + description = "Deny CreateLogGroup" + id = (known after apply) + name = (known after apply) + name_prefix = (known after apply) + path = "/" + policy = jsonencode( { + Statement = [ + { + Action = "logs:CreateLogGroup" + Effect = "Deny" + Resource = "*" + Sid = "" }, ] + Version = "2012-10-17" } ) + policy_id = (known after apply) + tags = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } + tags_all = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } }
# module.eks.aws_iam_policy.cluster_elb_sl_role_creation[0] will be created + resource "aws_iam_policy" "cluster_elb_sl_role_creation" { + arn = (known after apply) + description = "Permissions for EKS to create AWSServiceRoleForElasticLoadBalancing service-linked role" + id = (known after apply) + name = (known after apply) + name_prefix = (known after apply) + path = "/" + policy = jsonencode( { + Statement = [ + { + Action = [ + "ec2:DescribeInternetGateways", + "ec2:DescribeAddresses", + "ec2:DescribeAccountAttributes", ] + Effect = "Allow" + Resource = "*" + Sid = "" }, ] + Version = "2012-10-17" } ) + policy_id = (known after apply) + tags = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } + tags_all = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } }
# module.eks.aws_iam_role.cluster[0] will be created + resource "aws_iam_role" "cluster" { + arn = (known after apply) + assume_role_policy = jsonencode( { + Statement = [ + { + Action = "sts:AssumeRole" + Effect = "Allow" + Principal = { + Service = "eks.amazonaws.com" } + Sid = "EKSClusterAssumeRole" }, ] + Version = "2012-10-17" } ) + create_date = (known after apply) + force_detach_policies = true + id = (known after apply) + managed_policy_arns = (known after apply) + max_session_duration = 3600 + name = (known after apply) + name_prefix = (known after apply) + path = "/" + tags = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } + tags_all = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } + unique_id = (known after apply)
+ inline_policy { + name = (known after apply) + policy = (known after apply) } }
# module.eks.aws_iam_role.workers[0] will be created + resource "aws_iam_role" "workers" { + arn = (known after apply) + assume_role_policy = jsonencode( { + Statement = [ + { + Action = "sts:AssumeRole" + Effect = "Allow" + Principal = { + Service = "ec2.amazonaws.com" } + Sid = "EKSWorkerAssumeRole" }, ] + Version = "2012-10-17" } ) + create_date = (known after apply) + force_detach_policies = true + id = (known after apply) + managed_policy_arns = (known after apply) + max_session_duration = 3600 + name = (known after apply) + name_prefix = (known after apply) + path = "/" + tags = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } + tags_all = { + "Environment" = "training" + "GithubOrg" = "terraform-aws-modules" + "GithubRepo" = "terraform-aws-eks" } + unique_id = (known after apply)
+ inline_policy { + name = (known after apply) + policy = (known after apply) } }
# module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSClusterPolicy[0] will be created + resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSClusterPolicy" { + id = (known after apply) + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy" + role = (known after apply) }
# module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSServicePolicy[0] will be created + resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSServicePolicy" { + id = (known after apply) + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSServicePolicy" + role = (known after apply) }
# module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSVPCResourceControllerPolicy[0] will be created + resource "aws_iam_role_policy_attachment" "cluster_AmazonEKSVPCResourceControllerPolicy" { + id = (known after apply) + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSVPCResourceController" + role = (known after apply) }
# module.eks.aws_iam_role_policy_attachment.cluster_deny_log_group[0] will be created + resource "aws_iam_role_policy_attachment" "cluster_deny_log_group" { + id = (known after apply) + policy_arn = (known after apply) + role = (known after apply) }
# module.eks.aws_iam_role_policy_attachment.cluster_elb_sl_role_creation[0] will be created + resource "aws_iam_role_policy_attachment" "cluster_elb_sl_role_creation" { + id = (known after apply) + policy_arn = (known after apply) + role = (known after apply) }
# module.eks.aws_iam_role_policy_attachment.workers_AmazonEC2ContainerRegistryReadOnly[0] will be created + resource "aws_iam_role_policy_attachment" "workers_AmazonEC2ContainerRegistryReadOnly" { + id = (known after apply) + policy_arn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly" + role = (known after apply) }
# module.eks.aws_iam_role_policy_attachment.workers_AmazonEKSWorkerNodePolicy[0] will be created + resource "aws_iam_role_policy_attachment" "workers_AmazonEKSWorkerNodePolicy" { + id = (known after apply) + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy" + role = (known after apply) }
# module.eks.aws_iam_role_policy_attachment.workers_AmazonEKS_CNI_Policy[0] will be created + resource "aws_iam_role_policy_attachment" "workers_AmazonEKS_CNI_Policy" { + id = (known after apply) + policy_arn = "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy" + role = (known after apply) }
# module.eks.aws_launch_configuration.workers[0] will be created + resource "aws_launch_configuration" "workers" { + arn = (known after apply) + associate_public_ip_address = false + ebs_optimized = false + enable_monitoring = true + iam_instance_profile = (known after apply) + id = (known after apply) + image_id = "ami-0c9f07c8fbe372099" + instance_type = "t2.small" + key_name = (known after apply) + name = (known after apply) + name_prefix = (known after apply) + security_groups = (known after apply) + user_data_base64 = (known after apply)
+ ebs_block_device { + delete_on_termination = (known after apply) + device_name = (known after apply) + encrypted = (known after apply) + iops = (known after apply) + no_device = (known after apply) + snapshot_id = (known after apply) + throughput = (known after apply) + volume_size = (known after apply) + volume_type = (known after apply) }
+ metadata_options { + http_endpoint = "enabled" + http_put_response_hop_limit = (known after apply) + http_tokens = "optional" }
+ root_block_device { + delete_on_termination = true + encrypted = false + iops = 0 + throughput = (known after apply) + volume_size = 100 + volume_type = "gp2" } }
# module.eks.aws_launch_configuration.workers[1] will be created + resource "aws_launch_configuration" "workers" { + arn = (known after apply) + associate_public_ip_address = false + ebs_optimized = false + enable_monitoring = true + iam_instance_profile = (known after apply) + id = (known after apply) + image_id = "ami-0c9f07c8fbe372099" + instance_type = "t2.medium" + key_name = (known after apply) + name = (known after apply) + name_prefix = (known after apply) + security_groups = (known after apply) + user_data_base64 = (known after apply)
+ ebs_block_device { + delete_on_termination = (known after apply) + device_name = (known after apply) + encrypted = (known after apply) + iops = (known after apply) + no_device = (known after apply) + snapshot_id = (known after apply) + throughput = (known after apply) + volume_size = (known after apply) + volume_type = (known after apply) }
+ metadata_options { + http_endpoint = "enabled" + http_put_response_hop_limit = (known after apply) + http_tokens = "optional" }
+ root_block_device { + delete_on_termination = true + encrypted = false + iops = 0 + throughput = (known after apply) + volume_size = 100 + volume_type = "gp2" } }
# module.eks.aws_security_group.cluster[0] will be created + resource "aws_security_group" "cluster" { + arn = (known after apply) + description = "EKS cluster security group." + egress = (known after apply) + id = (known after apply) + ingress = (known after apply) + name = (known after apply) + name_prefix = (known after apply) + owner_id = (known after apply) + revoke_rules_on_delete = false + tags = (known after apply) + tags_all = (known after apply) + vpc_id = (known after apply) }
# module.eks.aws_security_group.workers[0] will be created + resource "aws_security_group" "workers" { + arn = (known after apply) + description = "Security group for all nodes in the cluster." + egress = (known after apply) + id = (known after apply) + ingress = (known after apply) + name = (known after apply) + name_prefix = (known after apply) + owner_id = (known after apply) + revoke_rules_on_delete = false + tags = (known after apply) + tags_all = (known after apply) + vpc_id = (known after apply) }
# module.eks.aws_security_group_rule.cluster_egress_internet[0] will be created + resource "aws_security_group_rule" "cluster_egress_internet" { + cidr_blocks = [ + "0.0.0.0/0", ] + description = "Allow cluster egress access to the Internet." + from_port = 0 + id = (known after apply) + protocol = "-1" + security_group_id = (known after apply) + self = false + source_security_group_id = (known after apply) + to_port = 0 + type = "egress" }
# module.eks.aws_security_group_rule.cluster_https_worker_ingress[0] will be created + resource "aws_security_group_rule" "cluster_https_worker_ingress" { + description = "Allow pods to communicate with the EKS cluster API." + from_port = 443 + id = (known after apply) + protocol = "tcp" + security_group_id = (known after apply) + self = false + source_security_group_id = (known after apply) + to_port = 443 + type = "ingress" }
# module.eks.aws_security_group_rule.workers_egress_internet[0] will be created + resource "aws_security_group_rule" "workers_egress_internet" { + cidr_blocks = [ + "0.0.0.0/0", ] + description = "Allow nodes all egress to the Internet." + from_port = 0 + id = (known after apply) + protocol = "-1" + security_group_id = (known after apply) + self = false + source_security_group_id = (known after apply) + to_port = 0 + type = "egress" }
# module.eks.aws_security_group_rule.workers_ingress_cluster[0] will be created + resource "aws_security_group_rule" "workers_ingress_cluster" { + description = "Allow workers pods to receive communication from the cluster control plane." + from_port = 1025 + id = (known after apply) + protocol = "tcp" + security_group_id = (known after apply) + self = false + source_security_group_id = (known after apply) + to_port = 65535 + type = "ingress" }
# module.eks.aws_security_group_rule.workers_ingress_cluster_https[0] will be created + resource "aws_security_group_rule" "workers_ingress_cluster_https" { + description = "Allow pods running extension API servers on port 443 to receive communication from cluster control plane." + from_port = 443 + id = (known after apply) + protocol = "tcp" + security_group_id = (known after apply) + self = false + source_security_group_id = (known after apply) + to_port = 443 + type = "ingress" }
# module.eks.aws_security_group_rule.workers_ingress_self[0] will be created + resource "aws_security_group_rule" "workers_ingress_self" { + description = "Allow node to communicate with each other." + from_port = 0 + id = (known after apply) + protocol = "-1" + security_group_id = (known after apply) + self = false + source_security_group_id = (known after apply) + to_port = 65535 + type = "ingress" }
# module.eks.kubernetes_config_map.aws_auth[0] will be created + resource "kubernetes_config_map" "aws_auth" { + data = (known after apply) + id = (known after apply)
+ metadata { + generation = (known after apply) + labels = { + "app.kubernetes.io/managed-by" = "Terraform" + "terraform.io/module" = "terraform-aws-modules.eks.aws" } + name = "aws-auth" + namespace = "kube-system" + resource_version = (known after apply) + uid = (known after apply) } }
# module.eks.local_file.kubeconfig[0] will be created + resource "local_file" "kubeconfig" { + content = (known after apply) + directory_permission = "0755" + file_permission = "0600" + filename = (known after apply) + id = (known after apply) }
# module.vpc.aws_eip.nat[0] will be created + resource "aws_eip" "nat" { + allocation_id = (known after apply) + association_id = (known after apply) + carrier_ip = (known after apply) + customer_owned_ip = (known after apply) + domain = (known after apply) + id = (known after apply) + instance = (known after apply) + network_border_group = (known after apply) + network_interface = (known after apply) + private_dns = (known after apply) + private_ip = (known after apply) + public_dns = (known after apply) + public_ip = (known after apply) + public_ipv4_pool = (known after apply) + tags = (known after apply) + tags_all = (known after apply) + vpc = true }
# module.vpc.aws_internet_gateway.this[0] will be created + resource "aws_internet_gateway" "this" { + arn = (known after apply) + id = (known after apply) + owner_id = (known after apply) + tags = (known after apply) + tags_all = (known after apply) + vpc_id = (known after apply) }
# module.vpc.aws_nat_gateway.this[0] will be created + resource "aws_nat_gateway" "this" { + allocation_id = (known after apply) + connectivity_type = "public" + id = (known after apply) + network_interface_id = (known after apply) + private_ip = (known after apply) + public_ip = (known after apply) + subnet_id = (known after apply) + tags = (known after apply) + tags_all = (known after apply) }
# module.vpc.aws_route.private_nat_gateway[0] will be created + resource "aws_route" "private_nat_gateway" { + destination_cidr_block = "0.0.0.0/0" + id = (known after apply) + instance_id = (known after apply) + instance_owner_id = (known after apply) + nat_gateway_id = (known after apply) + network_interface_id = (known after apply) + origin = (known after apply) + route_table_id = (known after apply) + state = (known after apply)
+ timeouts { + create = "5m" } }
# module.vpc.aws_route.public_internet_gateway[0] will be created + resource "aws_route" "public_internet_gateway" { + destination_cidr_block = "0.0.0.0/0" + gateway_id = (known after apply) + id = (known after apply) + instance_id = (known after apply) + instance_owner_id = (known after apply) + network_interface_id = (known after apply) + origin = (known after apply) + route_table_id = (known after apply) + state = (known after apply)
+ timeouts { + create = "5m" } }
# module.vpc.aws_route_table.private[0] will be created + resource "aws_route_table" "private" { + arn = (known after apply) + id = (known after apply) + owner_id = (known after apply) + propagating_vgws = (known after apply) + route = (known after apply) + tags = (known after apply) + tags_all = (known after apply) + vpc_id = (known after apply) }
# module.vpc.aws_route_table.public[0] will be created + resource "aws_route_table" "public" { + arn = (known after apply) + id = (known after apply) + owner_id = (known after apply) + propagating_vgws = (known after apply) + route = (known after apply) + tags = (known after apply) + tags_all = (known after apply) + vpc_id = (known after apply) }
# module.vpc.aws_route_table_association.private[0] will be created + resource "aws_route_table_association" "private" { + id = (known after apply) + route_table_id = (known after apply) + subnet_id = (known after apply) }
# module.vpc.aws_route_table_association.private[1] will be created + resource "aws_route_table_association" "private" { + id = (known after apply) + route_table_id = (known after apply) + subnet_id = (known after apply) }
# module.vpc.aws_route_table_association.private[2] will be created + resource "aws_route_table_association" "private" { + id = (known after apply) + route_table_id = (known after apply) + subnet_id = (known after apply) }
# module.vpc.aws_route_table_association.public[0] will be created + resource "aws_route_table_association" "public" { + id = (known after apply) + route_table_id = (known after apply) + subnet_id = (known after apply) }
# module.vpc.aws_route_table_association.public[1] will be created + resource "aws_route_table_association" "public" { + id = (known after apply) + route_table_id = (known after apply) + subnet_id = (known after apply) }
# module.vpc.aws_route_table_association.public[2] will be created + resource "aws_route_table_association" "public" { + id = (known after apply) + route_table_id = (known after apply) + subnet_id = (known after apply) }
# module.vpc.aws_subnet.private[0] will be created + resource "aws_subnet" "private" { + arn = (known after apply) + assign_ipv6_address_on_creation = false + availability_zone = "us-east-2a" + availability_zone_id = (known after apply) + cidr_block = "10.0.1.0/24" + id = (known after apply) + ipv6_cidr_block_association_id = (known after apply) + map_public_ip_on_launch = false + owner_id = (known after apply) + tags = (known after apply) + tags_all = (known after apply) + vpc_id = (known after apply) }
# module.vpc.aws_subnet.private[1] will be created + resource "aws_subnet" "private" { + arn = (known after apply) + assign_ipv6_address_on_creation = false + availability_zone = "us-east-2b" + availability_zone_id = (known after apply) + cidr_block = "10.0.2.0/24" + id = (known after apply) + ipv6_cidr_block_association_id = (known after apply) + map_public_ip_on_launch = false + owner_id = (known after apply) + tags = (known after apply) + tags_all = (known after apply) + vpc_id = (known after apply) }
# module.vpc.aws_subnet.private[2] will be created + resource "aws_subnet" "private" { + arn = (known after apply) + assign_ipv6_address_on_creation = false + availability_zone = "us-east-2c" + availability_zone_id = (known after apply) + cidr_block = "10.0.3.0/24" + id = (known after apply) + ipv6_cidr_block_association_id = (known after apply) + map_public_ip_on_launch = false + owner_id = (known after apply) + tags = (known after apply) + tags_all = (known after apply) + vpc_id = (known after apply) }
# module.vpc.aws_subnet.public[0] will be created + resource "aws_subnet" "public" { + arn = (known after apply) + assign_ipv6_address_on_creation = false + availability_zone = "us-east-2a" + availability_zone_id = (known after apply) + cidr_block = "10.0.4.0/24" + id = (known after apply) + ipv6_cidr_block_association_id = (known after apply) + map_public_ip_on_launch = true + owner_id = (known after apply) + tags = (known after apply) + tags_all = (known after apply) + vpc_id = (known after apply) }
# module.vpc.aws_subnet.public[1] will be created + resource "aws_subnet" "public" { + arn = (known after apply) + assign_ipv6_address_on_creation = false + availability_zone = "us-east-2b" + availability_zone_id = (known after apply) + cidr_block = "10.0.5.0/24" + id = (known after apply) + ipv6_cidr_block_association_id = (known after apply) + map_public_ip_on_launch = true + owner_id = (known after apply) + tags = (known after apply) + tags_all = (known after apply) + vpc_id = (known after apply) }
# module.vpc.aws_subnet.public[2] will be created + resource "aws_subnet" "public" { + arn = (known after apply) + assign_ipv6_address_on_creation = false + availability_zone = "us-east-2c" + availability_zone_id = (known after apply) + cidr_block = "10.0.6.0/24" + id = (known after apply) + ipv6_cidr_block_association_id = (known after apply) + map_public_ip_on_launch = true + owner_id = (known after apply) + tags = (known after apply) + tags_all = (known after apply) + vpc_id = (known after apply) }
# module.vpc.aws_vpc.this[0] will be created + resource "aws_vpc" "this" { + arn = (known after apply) + assign_generated_ipv6_cidr_block = false + cidr_block = "10.0.0.0/16" + default_network_acl_id = (known after apply) + default_route_table_id = (known after apply) + default_security_group_id = (known after apply) + dhcp_options_id = (known after apply) + enable_classiclink = (known after apply) + enable_classiclink_dns_support = (known after apply) + enable_dns_hostnames = true + enable_dns_support = true + id = (known after apply) + instance_tenancy = "default" + ipv6_association_id = (known after apply) + ipv6_cidr_block = (known after apply) + main_route_table_id = (known after apply) + owner_id = (known after apply) + tags = (known after apply) + tags_all = (known after apply) }
Plan: 53 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ cluster_endpoint = (known after apply) + cluster_id = (known after apply) + cluster_name = (known after apply) + cluster_security_group_id = (known after apply) + config_map_aws_auth = [ + { + binary_data = null + data = (known after apply) + id = (known after apply) + metadata = [ + { + annotations = null + generate_name = null + generation = (known after apply) + labels = { + "app.kubernetes.io/managed-by" = "Terraform" + "terraform.io/module" = "terraform-aws-modules.eks.aws" } + name = "aws-auth" + namespace = "kube-system" + resource_version = (known after apply) + uid = (known after apply) }, ] }, ] + kubectl_config = (known after apply) + region = "us-east-2"
Do you want to perform these actions?
Terraform will perform the actions described above. Only 'yes' will be accepted to approve.
Enter a value:
Related[edit]
See also[edit]
- Terraform EKS, Terraform EKS module, Deploy EKS cluster using Terraform, Terraform EKS apply output,
terraform show, ~/.kube/config
,aws_eks_cluster, aws_eks_addon, module.eks_managed_node_group, eks-cluster.tf, node_groups, worker_groups
terraform apply
[-auto-approve
|-refresh-only, -destroy | --help ]
, Terraform examples,Still creating...
, Terraform apply examples with errors
Advertising: