Difference between revisions of "Terraform EKS module"
Jump to navigation
Jump to search
↑ https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest/submodules/eks-managed-node-group
↑ https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest?tab=inputs
↑ https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon
| (25 intermediate revisions by the same user not shown) | |||
| Line 4: | Line 4: | ||
* Changelog: https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/CHANGELOG.md | * Changelog: https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/CHANGELOG.md | ||
* [[Terraform EKS module official usage example|Module official usage example]] | * [[Terraform EKS module official usage example|Module official usage example]] | ||
| + | * [[Deploy EKS cluster using Terraform]] | ||
[[Terraform EKS submodules|Submodules]]: | [[Terraform EKS submodules|Submodules]]: | ||
{{tf EKS sub TOC}} | {{tf EKS sub TOC}} | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| + | [[Terraform module: vpc]]: [[name]] | ||
== Inputs <ref>https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest?tab=inputs</ref> == | == Inputs <ref>https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest?tab=inputs</ref> == | ||
* <code>[[cluster_version]]</code> | * <code>[[cluster_version]]</code> | ||
* <code>[[cluster_name]]</code> | * <code>[[cluster_name]]</code> | ||
| − | * <code>[[cluster_addons]]: [[kube-proxy]], [[vpc-cni]], [[aws-ebs-csi-driver]], [[core_dns]]</code> | + | * <code>[[cluster_addons]]<ref>https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon</ref>: [[kube-proxy]], [[vpc-cni]], [[aws-ebs-csi-driver]], [[core_dns]]</code> |
| + | * <code>[[cluster_enabled_log_types]] = ["[[API]]", "[[audit]]", "[[authenticator]]", "[[controllerManager]]", "[[scheduler]]"]</code> | ||
* <code>[[create_aws_auth_configmap]]</code> | * <code>[[create_aws_auth_configmap]]</code> | ||
* <code>[[manage_aws_auth_configmap]]</code> | * <code>[[manage_aws_auth_configmap]]</code> | ||
| − | * <code>[[enable_irsa]]</code> | + | * <code>[[enable_irsa]]</code>. See also: [[Terraform irsa-ebs-csi module]] |
| + | |||
* <code>[[aws_auth_users]]</code> | * <code>[[aws_auth_users]]</code> | ||
* <code>[[aws_auth_roles]]</code> | * <code>[[aws_auth_roles]]</code> | ||
| Line 38: | Line 35: | ||
* <code>[[cluster_encryption_policy_use_name_prefix]]</code> | * <code>[[cluster_encryption_policy_use_name_prefix]]</code> | ||
| − | * <code>[[create_kms_key]]</code> | + | * <code>[[create_kms_key]]</code>: default true |
* <code>[[enable_kms_key_rotation]]</code> | * <code>[[enable_kms_key_rotation]]</code> | ||
| Line 44: | Line 41: | ||
* <code>[[cluster_endpoint_public_access]]</code> | * <code>[[cluster_endpoint_public_access]]</code> | ||
| + | * <code>[[custom_oidc_thumbprints]]</code> | ||
| + | * <code>[[include_oidc_root_ca_thumbprint]]</code> | ||
| + | |||
| + | == Resources == | ||
| + | 39 Resources (<code>[[.this]], [[.node]], [[.node_additional]]. .additional, .aws_auth, .before_compute, .cluster, .cluster_encryption, .cluster_primary_security_group, .cni_ipv6_policy, .controller, .controller_additional, [[.oidc_provider]]</code>) https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest?tab=resources: | ||
| + | |||
| + | * [[Terraform resource]]: <code>[[Terraform resource: aws eks cluster|aws_eks_cluster]]</code> | ||
| + | |||
| + | [[aws_autoscaling_group]].this | ||
| + | [[aws_autoscaling_schedule]].this | ||
| + | [[aws_cloudwatch_event_rule]].this | ||
| + | [[aws_cloudwatch_log_group]].this | ||
| + | [[aws_ec2_tag.cluster_primary_security_group]] | ||
| + | [[aws_eks_access_entry]].node | ||
| + | [[aws_eks_access_policy_association]].this | ||
| + | [[aws_eks_addon.before_compute]] | ||
| + | [[aws_eks_addon]].this | ||
| + | [[aws_eks_cluster]].this | ||
| + | [[aws_eks_fargate_profile]].this | ||
| + | [[aws_eks_identity_provider_config]].this | ||
| + | [[aws_eks_node_group]].this | ||
| + | [[aws_iam_instance_profile]].this | ||
| + | [[aws_iam_openid_connect_provider]].oidc_provider | ||
| + | [[aws_iam_policy.cluster_encryption]] | ||
| + | [[aws_iam_policy]].cni_ipv6_policy | ||
| + | [[aws_iam_policy]].controller | ||
| + | [[aws_iam_role]].controller | ||
| + | [[aws_iam_role]].node | ||
| + | [[aws_iam_role]].this | ||
| + | [[aws_iam_role_policy_attachment]].additional | ||
| + | [[aws_iam_role_policy_attachment]].cluster_encryption | ||
| + | [[aws_iam_role_policy_attachment]].controller | ||
| + | [[aws_iam_role_policy_attachment]].controller_additional | ||
| + | [[aws_iam_role_policy_attachment]].node | ||
| + | [[aws_iam_role_policy_attachment]].node_additional | ||
| + | [[aws_iam_role_policy_attachment]].this | ||
| + | [[aws_launch_template]].this | ||
| + | [[aws_security_group]].cluster | ||
| + | [[aws_security_group]].node | ||
| + | [[aws_security_group_rule]].cluster | ||
| + | [[aws_security_group_rule]].node | ||
| + | [[aws_sqs_queue]].this | ||
| + | [[aws_sqs_queue_policy]].this | ||
| + | [[kubernetes_config_map]].aws_auth | ||
| + | [[kubernetes_config_map_v1_data]].aws_auth | ||
| + | [[time_sleep]].this | ||
== Resources == | == Resources == | ||
| − | * [[kubernetes_config_map_v1_data.aws_auth]] | + | * <code>[[kubernetes_config_map_v1_data.aws_auth]]</code> |
== Submodules == | == Submodules == | ||
| Line 70: | Line 113: | ||
== Related == | == Related == | ||
| + | * [[Terraform module: VPC]] | ||
* [[hashicorp/kubernetes]] | * [[hashicorp/kubernetes]] | ||
* <code>[[Error: Unsupported argument]]</code> | * <code>[[Error: Unsupported argument]]</code> | ||
| Line 81: | Line 125: | ||
* [[Terraform submodule: iam-assumable-role-with-oidc]] | * [[Terraform submodule: iam-assumable-role-with-oidc]] | ||
* [[KICS execution example]] | * [[KICS execution example]] | ||
| + | * [[Amazon EKS Blueprints for Terraform]]: [[Terraform module: eks blueprints addons|eks_blueprints_addons]], [[terraform-aws-eks-blueprints-teams]] | ||
| + | * [[Terraform EKS submodule: aws-ebs-csi-driver]] | ||
== See also == | == See also == | ||
Latest revision as of 13:23, 12 June 2024
Terraform EKS module
- https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest
- Repo: https://github.com/terraform-aws-modules/terraform-aws-eks
- Changelog: https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/CHANGELOG.md
- Module official usage example
- Deploy EKS cluster using Terraform
Contents
Inputs [2][edit]
cluster_versioncluster_namecluster_addons[3]: kube-proxy, vpc-cni, aws-ebs-csi-driver, core_dnscluster_enabled_log_types = ["API", "audit", "authenticator", "controllerManager", "scheduler"]
create_aws_auth_configmapmanage_aws_auth_configmapenable_irsa. See also: Terraform irsa-ebs-csi module
aws_auth_usersaws_auth_rolesaws_auth_accountseks_managed_node_group_defaultseks_managed_node_groupsself_managed_node_groupssubmoduleattach cluster primary security groupattach_cluster_encryption_policycluster_encryption_configcluster_encryption_policy_descriptioncluster_encryption_policy_namecluster_encryption_policy_pathcluster_encryption_policy_tagscluster_encryption_policy_use_name_prefix
create_kms_key: default trueenable_kms_key_rotation
cloudwatch_log_group_retention_in_day, default 90 days.cluster_endpoint_public_access
Resources[edit]
39 Resources (.this, .node, .node_additional. .additional, .aws_auth, .before_compute, .cluster, .cluster_encryption, .cluster_primary_security_group, .cni_ipv6_policy, .controller, .controller_additional, .oidc_provider) https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest?tab=resources:
aws_autoscaling_group.this aws_autoscaling_schedule.this aws_cloudwatch_event_rule.this aws_cloudwatch_log_group.this aws_ec2_tag.cluster_primary_security_group aws_eks_access_entry.node aws_eks_access_policy_association.this aws_eks_addon.before_compute aws_eks_addon.this aws_eks_cluster.this aws_eks_fargate_profile.this aws_eks_identity_provider_config.this aws_eks_node_group.this aws_iam_instance_profile.this aws_iam_openid_connect_provider.oidc_provider aws_iam_policy.cluster_encryption aws_iam_policy.cni_ipv6_policy aws_iam_policy.controller aws_iam_role.controller aws_iam_role.node aws_iam_role.this aws_iam_role_policy_attachment.additional aws_iam_role_policy_attachment.cluster_encryption aws_iam_role_policy_attachment.controller aws_iam_role_policy_attachment.controller_additional aws_iam_role_policy_attachment.node aws_iam_role_policy_attachment.node_additional aws_iam_role_policy_attachment.this aws_launch_template.this aws_security_group.cluster aws_security_group.node aws_security_group_rule.cluster aws_security_group_rule.node aws_sqs_queue.this aws_sqs_queue_policy.this kubernetes_config_map.aws_auth kubernetes_config_map_v1_data.aws_auth time_sleep.this
Resources[edit]
Submodules[edit]
Terraform provider: awseks_managed_node_groups_user_dataeks-managed-node-groupfargate-profilekarpenterself-managed-node-group (self_managed_node_groups)
Terraform providers[edit]
Examples[edit]
Activities[edit]
Related[edit]
- Terraform module: VPC
- hashicorp/kubernetes
Error: Unsupported argumentmodule.eks- Terraform EKS resources
eks-cluster.tf- Deploy EKS cluster using Terraform
- EKS addons: Terraform EKS module addons
instance_types- Terraform submodule: iam-assumable-role-with-oidc
- KICS execution example
- Amazon EKS Blueprints for Terraform: eks_blueprints_addons, terraform-aws-eks-blueprints-teams
- Terraform EKS submodule: aws-ebs-csi-driver
See also[edit]
- Terraform EKS module:
manage_aws_auth_configmap, create_aws_auth_configmap, aws_auth_roles, aws_auth_users, aws_auth_accounts, module.eks, Amazon EKS Blueprints for Terraform, OIDC
Advertising:
