Difference between revisions of "Terraform EKS module"
Jump to navigation
Jump to search
↑ https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest/submodules/eks-managed-node-group
↑ https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest?tab=inputs
↑ https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon
Tags: Mobile web edit, Mobile edit |
|||
(69 intermediate revisions by 3 users not shown) | |||
Line 3: | Line 3: | ||
* Repo: https://github.com/terraform-aws-modules/terraform-aws-eks | * Repo: https://github.com/terraform-aws-modules/terraform-aws-eks | ||
* Changelog: https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/CHANGELOG.md | * Changelog: https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/CHANGELOG.md | ||
− | * [[Terraform EKS module official usage example| | + | * [[Terraform EKS module official usage example|Module official usage example]] |
* [[Deploy EKS cluster using Terraform]] | * [[Deploy EKS cluster using Terraform]] | ||
+ | [[Terraform EKS submodules|Submodules]]: | ||
+ | {{tf EKS sub TOC}} | ||
− | + | [[Terraform module: vpc]]: [[name]] | |
+ | == Inputs <ref>https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest?tab=inputs</ref> == | ||
+ | * <code>[[cluster_version]]</code> | ||
+ | * <code>[[cluster_name]]</code> | ||
+ | * <code>[[cluster_addons]]<ref>https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon</ref>: [[kube-proxy]], [[vpc-cni]], [[aws-ebs-csi-driver]], [[core_dns]]</code> | ||
+ | * <code>[[cluster_enabled_log_types]] = ["[[API]]", "[[audit]]", "[[authenticator]]", "[[controllerManager]]", "[[scheduler]]"]</code> | ||
− | |||
− | |||
− | |||
− | |||
* <code>[[create_aws_auth_configmap]]</code> | * <code>[[create_aws_auth_configmap]]</code> | ||
* <code>[[manage_aws_auth_configmap]]</code> | * <code>[[manage_aws_auth_configmap]]</code> | ||
+ | * <code>[[enable_irsa]]</code>. See also: [[Terraform irsa-ebs-csi module]] | ||
+ | |||
* <code>[[aws_auth_users]]</code> | * <code>[[aws_auth_users]]</code> | ||
* <code>[[aws_auth_roles]]</code> | * <code>[[aws_auth_roles]]</code> | ||
− | + | * <code>[[aws_auth_accounts]]</code> | |
* <code>[[eks_managed_node_group_defaults]]</code> | * <code>[[eks_managed_node_group_defaults]]</code> | ||
* <code>[[eks_managed_node_groups]]</code> | * <code>[[eks_managed_node_groups]]</code> | ||
* <code>[[self_managed_node_groups]]</code> [[submodule]] | * <code>[[self_managed_node_groups]]</code> [[submodule]] | ||
* <code>[[attach cluster primary security group]]</code> | * <code>[[attach cluster primary security group]]</code> | ||
+ | * <code>[[attach_cluster_encryption_policy]]</code> | ||
+ | * <code>[[cluster_encryption_config]]</code> | ||
+ | * <code>[[cluster_encryption_policy_description]]</code> | ||
+ | * <code>[[cluster_encryption_policy_name]]</code> | ||
+ | * <code>[[cluster_encryption_policy_path]]</code> | ||
+ | * <code>[[cluster_encryption_policy_tags]]</code> | ||
+ | * <code>[[cluster_encryption_policy_use_name_prefix]]</code> | ||
+ | |||
+ | * <code>[[create_kms_key]]</code>: default true | ||
+ | * <code>[[enable_kms_key_rotation]]</code> | ||
+ | |||
+ | * <code>[[cloudwatch_log_group_retention_in_day]]</code>, default 90 days. | ||
+ | * <code>[[cluster_endpoint_public_access]]</code> | ||
+ | |||
+ | * <code>[[custom_oidc_thumbprints]]</code> | ||
+ | * <code>[[include_oidc_root_ca_thumbprint]]</code> | ||
+ | == Resources == | ||
+ | 39 Resources (<code>[[.this]], [[.node]], [[.node_additional]]. .additional, .aws_auth, .before_compute, .cluster, .cluster_encryption, .cluster_primary_security_group, .cni_ipv6_policy, .controller, .controller_additional, [[.oidc_provider]]</code>) https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest?tab=resources: | ||
+ | * [[Terraform resource]]: <code>[[Terraform resource: aws eks cluster|aws_eks_cluster]]</code> | ||
+ | |||
+ | [[aws_autoscaling_group]].this | ||
+ | [[aws_autoscaling_schedule]].this | ||
+ | [[aws_cloudwatch_event_rule]].this | ||
+ | [[aws_cloudwatch_log_group]].this | ||
+ | [[aws_ec2_tag.cluster_primary_security_group]] | ||
+ | [[aws_eks_access_entry]].node | ||
+ | [[aws_eks_access_policy_association]].this | ||
+ | [[aws_eks_addon.before_compute]] | ||
+ | [[aws_eks_addon]].this | ||
+ | [[aws_eks_cluster]].this | ||
+ | [[aws_eks_fargate_profile]].this | ||
+ | [[aws_eks_identity_provider_config]].this | ||
+ | [[aws_eks_node_group]].this | ||
+ | [[aws_iam_instance_profile]].this | ||
+ | [[aws_iam_openid_connect_provider]].oidc_provider | ||
+ | [[aws_iam_policy.cluster_encryption]] | ||
+ | [[aws_iam_policy]].cni_ipv6_policy | ||
+ | [[aws_iam_policy]].controller | ||
+ | [[aws_iam_role]].controller | ||
+ | [[aws_iam_role]].node | ||
+ | [[aws_iam_role]].this | ||
+ | [[aws_iam_role_policy_attachment]].additional | ||
+ | [[aws_iam_role_policy_attachment]].cluster_encryption | ||
+ | [[aws_iam_role_policy_attachment]].controller | ||
+ | [[aws_iam_role_policy_attachment]].controller_additional | ||
+ | [[aws_iam_role_policy_attachment]].node | ||
+ | [[aws_iam_role_policy_attachment]].node_additional | ||
+ | [[aws_iam_role_policy_attachment]].this | ||
+ | [[aws_launch_template]].this | ||
+ | [[aws_security_group]].cluster | ||
+ | [[aws_security_group]].node | ||
+ | [[aws_security_group_rule]].cluster | ||
+ | [[aws_security_group_rule]].node | ||
+ | [[aws_sqs_queue]].this | ||
+ | [[aws_sqs_queue_policy]].this | ||
+ | [[kubernetes_config_map]].aws_auth | ||
+ | [[kubernetes_config_map_v1_data]].aws_auth | ||
+ | [[time_sleep]].this | ||
+ | |||
+ | == Resources == | ||
+ | * <code>[[kubernetes_config_map_v1_data.aws_auth]]</code> | ||
== Submodules == | == Submodules == | ||
+ | * <code>[[Terraform provider: aws]]</code> | ||
* <code>[[eks_managed_node_groups]]</code> | * <code>[[eks_managed_node_groups]]</code> | ||
* <code>[[_user_data]]</code> | * <code>[[_user_data]]</code> | ||
Line 32: | Line 99: | ||
* <code>[[karpenter]]</code> | * <code>[[karpenter]]</code> | ||
* <code>[[self-managed-node-group]] ([[self_managed_node_groups]])</code> | * <code>[[self-managed-node-group]] ([[self_managed_node_groups]])</code> | ||
+ | |||
+ | == [[Terraform providers]] == | ||
+ | * [[Terraform provider: Kubernetes]] | ||
+ | * [[Terraform provider: cloud-init]] | ||
+ | * <code>[[hashicorp/time]]</code> | ||
+ | * <code>[[hashicorp/tls]]</code> | ||
== Examples == | == Examples == | ||
Line 40: | Line 113: | ||
== Related == | == Related == | ||
− | * [[Terraform module: | + | * [[Terraform module: VPC]] |
− | * | + | * [[hashicorp/kubernetes]] |
− | |||
− | |||
− | |||
* <code>[[Error: Unsupported argument]]</code> | * <code>[[Error: Unsupported argument]]</code> | ||
* <code>[[module.eks]]</code> | * <code>[[module.eks]]</code> | ||
* [[Terraform EKS resources]] | * [[Terraform EKS resources]] | ||
− | |||
* <code>[[eks-cluster.tf]]</code> | * <code>[[eks-cluster.tf]]</code> | ||
− | |||
* [[Deploy EKS cluster using Terraform]] | * [[Deploy EKS cluster using Terraform]] | ||
* [[EKS addons]]: [[Terraform EKS module addons]] | * [[EKS addons]]: [[Terraform EKS module addons]] | ||
− | + | ||
* <code>[[instance_types]]</code> | * <code>[[instance_types]]</code> | ||
+ | * [[Terraform submodule: iam-assumable-role-with-oidc]] | ||
+ | * [[KICS execution example]] | ||
+ | * [[Amazon EKS Blueprints for Terraform]]: [[Terraform module: eks blueprints addons|eks_blueprints_addons]], [[terraform-aws-eks-blueprints-teams]] | ||
+ | * [[Terraform EKS submodule: aws-ebs-csi-driver]] | ||
== See also == | == See also == |
Latest revision as of 13:23, 12 June 2024
Terraform EKS module
- https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest
- Repo: https://github.com/terraform-aws-modules/terraform-aws-eks
- Changelog: https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/CHANGELOG.md
- Module official usage example
- Deploy EKS cluster using Terraform
Contents
Inputs [2][edit]
cluster_version
cluster_name
cluster_addons[3]: kube-proxy, vpc-cni, aws-ebs-csi-driver, core_dns
cluster_enabled_log_types = ["API", "audit", "authenticator", "controllerManager", "scheduler"]
create_aws_auth_configmap
manage_aws_auth_configmap
enable_irsa
. See also: Terraform irsa-ebs-csi module
aws_auth_users
aws_auth_roles
aws_auth_accounts
eks_managed_node_group_defaults
eks_managed_node_groups
self_managed_node_groups
submoduleattach cluster primary security group
attach_cluster_encryption_policy
cluster_encryption_config
cluster_encryption_policy_description
cluster_encryption_policy_name
cluster_encryption_policy_path
cluster_encryption_policy_tags
cluster_encryption_policy_use_name_prefix
create_kms_key
: default trueenable_kms_key_rotation
cloudwatch_log_group_retention_in_day
, default 90 days.cluster_endpoint_public_access
Resources[edit]
39 Resources (.this, .node, .node_additional. .additional, .aws_auth, .before_compute, .cluster, .cluster_encryption, .cluster_primary_security_group, .cni_ipv6_policy, .controller, .controller_additional, .oidc_provider
) https://registry.terraform.io/modules/terraform-aws-modules/eks/aws/latest?tab=resources:
aws_autoscaling_group.this aws_autoscaling_schedule.this aws_cloudwatch_event_rule.this aws_cloudwatch_log_group.this aws_ec2_tag.cluster_primary_security_group aws_eks_access_entry.node aws_eks_access_policy_association.this aws_eks_addon.before_compute aws_eks_addon.this aws_eks_cluster.this aws_eks_fargate_profile.this aws_eks_identity_provider_config.this aws_eks_node_group.this aws_iam_instance_profile.this aws_iam_openid_connect_provider.oidc_provider aws_iam_policy.cluster_encryption aws_iam_policy.cni_ipv6_policy aws_iam_policy.controller aws_iam_role.controller aws_iam_role.node aws_iam_role.this aws_iam_role_policy_attachment.additional aws_iam_role_policy_attachment.cluster_encryption aws_iam_role_policy_attachment.controller aws_iam_role_policy_attachment.controller_additional aws_iam_role_policy_attachment.node aws_iam_role_policy_attachment.node_additional aws_iam_role_policy_attachment.this aws_launch_template.this aws_security_group.cluster aws_security_group.node aws_security_group_rule.cluster aws_security_group_rule.node aws_sqs_queue.this aws_sqs_queue_policy.this kubernetes_config_map.aws_auth kubernetes_config_map_v1_data.aws_auth time_sleep.this
Resources[edit]
Submodules[edit]
Terraform provider: aws
eks_managed_node_groups
_user_data
eks-managed-node-group
fargate-profile
karpenter
self-managed-node-group (self_managed_node_groups)
Terraform providers[edit]
Examples[edit]
Activities[edit]
Related[edit]
- Terraform module: VPC
- hashicorp/kubernetes
Error: Unsupported argument
module.eks
- Terraform EKS resources
eks-cluster.tf
- Deploy EKS cluster using Terraform
- EKS addons: Terraform EKS module addons
instance_types
- Terraform submodule: iam-assumable-role-with-oidc
- KICS execution example
- Amazon EKS Blueprints for Terraform: eks_blueprints_addons, terraform-aws-eks-blueprints-teams
- Terraform EKS submodule: aws-ebs-csi-driver
See also[edit]
- Terraform EKS module:
manage_aws_auth_configmap, create_aws_auth_configmap, aws_auth_roles, aws_auth_users, aws_auth_accounts, module.eks, Amazon EKS Blueprints for Terraform, OIDC
Advertising: