This module creates an EKS cluster, associated cluster IAM role, and applies EKS worker policies to the worker node IAM roles.
To get a working cluster, manual steps must be performed after the cluster is built. The module outputs the configuration files required for client and worker node setup and configuration.
```hcl
module "eks_cluster" {
  source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-eks//modules/cluster/?ref=v0.12.5"

  name    = local.eks_cluster_name
  subnets = concat(module.vpc.private_subnets, module.vpc.public_subnets) # Required
  tags    = local.tags

  # IAM roles of the worker nodes that receive the EKS worker policies
  worker_roles       = [module.eks_workers.iam_role]
  worker_roles_count = 1
}
```
Full working references are available at examples.
There should be no changes required to move from previous versions of this module to version 0.12.0 or higher.
Name | Version |
---|---|
terraform | >= 0.12 |
aws | >= 2.7.0 |
Name | Version |
---|---|
aws | >= 2.7.0 |
null | n/a |
template | n/a |
No Modules.
Name |
---|
aws_cloudwatch_log_group |
aws_eks_cluster |
aws_iam_policy |
aws_iam_policy_document |
aws_iam_role |
aws_iam_role |
aws_iam_role_policy_attachment |
null_resource |
template_file |
Name | Description | Type | Default | Required |
---|---|---|---|---|
alb_ingress_controller_enable | A boolean value that determines if IAM policies related to ALB ingress controller should be created. | bool | true | no |
bootstrap_arguments | Any optional parameters for the EKS Bootstrapping script. This is ignored for all OSes except Amazon EKS | string | "" | no |
bootstrap_arguments_windows | Any optional parameters for the EKS Bootstrapping script. This is ignored for all OSes except Windows EKS | string | "" | no |
cluster_autoscaler_enable | A boolean value that determines if IAM policies related to cluster autoscaler should be created. | bool | true | no |
enabled_cluster_log_types | A list of the desired control plane logging to enable. All logs are enabled by default. | list(string) | [ | no |
environment | Application environment for which this network is being created. Preferred values are Development, Integration, PreProduction, Production, QA, Staging, or Test | string | "Development" | no |
kubernetes_version | The desired Kubernetes version for your cluster. If you do not specify a value here, the latest version available in Amazon EKS is used. | string | "" | no |
log_group_retention | Specifies the number of days you want to retain log events in the specified log group. Possible values are: 0 (Never Expire), 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | number | 0 | no |
manage_log_group | Optionally manage the cluster log group via Terraform. Couple with log_group_retention to use a retention other than 'Never Expire'. | bool | false | no |
name | The desired name for the EKS cluster. | string | n/a | yes |
security_groups | Optional list of additional security groups to apply to the EKS Control Plane. These groups should enable access to the EKS Worker nodes. | list(string) | [] | no |
subnets | List of public and private subnets used for the EKS control plane. | list(string) | n/a | yes |
tags | Optional tags to be applied on top of the base tags on all resources | map(string) | {} | no |
wait_for_cluster | A variable to control whether we pause deployment after creating the EKS cluster to allow time to fully launch. | bool | true | no |
worker_roles | List of IAM roles assigned to worker nodes. | list(string) | [] | no |
worker_roles_count | The number of worker IAM roles provided. | number | 0 | no |
Name | Description |
---|---|
aws_auth_cm | Contents of the aws-auth-cm.yaml used for cluster configuration. Value should be retrieved with CLI or SDK to ensure proper formatting |
certificate_authority_data | Assigned CA data for the EKS Cluster |
cluster_security_group_id | The cluster security group that was created by Amazon EKS for the cluster |
endpoint | Management endpoint of the EKS Cluster |
iam_alb_ingress | ARN of the EKS Cluster Node ALB Ingress Controller IAM policy |
iam_all_node_policies | ARN of all EKS Cluster Node IAM policies |
iam_autoscaler | ARN of the EKS Cluster Node Cluster Autoscaler IAM policy |
iam_cw_logs | ARN of the EKS Cluster Node CloudWatch Logs IAM policy |
identity | Nested attribute containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. https://www.terraform.io/docs/providers/aws/r/eks_cluster.html#identity |
kube_map_roles | The string value used to configure the cluster with the kubernetes_config_map resource |
kubeconfig | Contents of the kubeconfig file used to connect to the cluster for management. Value should be retrieved with CLI or SDK to ensure proper formatting |
name | Assigned name of the EKS Cluster |
setup | Default EKS bootstrapping script for Linux EC2 instances |
setup_windows | Default EKS bootstrapping script for Windows EC2 instances |
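
The `kube_map_roles` output is described above as the value for a `kubernetes_config_map` resource; the following added example (not code from this module or its repository) shows one way to wire it up so the `aws-auth` mapping for worker nodes is applied by Terraform rather than by hand. It assumes that `certificate_authority_data` is base64-encoded, as the `aws_eks_cluster` resource returns it, and that `kube_map_roles` holds the YAML string expected under the `mapRoles` key.

```hcl
# Added example, not taken from the module's repository.

# Short-lived authentication token for the cluster named by the module's
# `name` output.
data "aws_eks_cluster_auth" "this" {
  name = module.eks_cluster.name
}

provider "kubernetes" {
  host = module.eks_cluster.endpoint

  # Assumption: the output is base64-encoded, as aws_eks_cluster returns it.
  cluster_ca_certificate = base64decode(module.eks_cluster.certificate_authority_data)
  token                  = data.aws_eks_cluster_auth.this.token
}

# aws-auth maps IAM roles to Kubernetes identities. Worker nodes cannot
# register with the control plane until their role appears here.
resource "kubernetes_config_map" "aws_auth" {
  metadata {
    name      = "aws-auth"
    namespace = "kube-system"
  }

  data = {
    # Assumption: kube_map_roles is the YAML string expected under mapRoles.
    mapRoles = module.eks_cluster.kube_map_roles
  }
}
```

Every role listed under `mapRoles` receives the Kubernetes groups it is mapped to, so review the rendered `kube_map_roles` value in the plan and keep `worker_roles` limited to the node roles that need to join the cluster.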